Am 07.03.2013 19:49, schrieb Les Mikesell: > On Thu, Mar 7, 2013 at 10:45 AM, Tilman Schmidt > <t.schmidt@xxxxxxxxxxxxxxxxxx> wrote: >>>> Any ideas how to remedy that situation? >>> >>> As long as you get the IP address for failed logins, ignore reverse >>> mapping failures. >> >> Trouble is, I don't: > > Does it work if you set > UseDNS no > in /etc/ssh/sshd_config? Not really. That seems to remove the "reverse mapping checking failed" messages (assuming there were the usual number of such attempts after I set that option), but IP addresses for failed logins to existing users are never logged. The log contains just: sshd[27912]: Disconnecting: Too many authentication failures for root In contrast, log entries for login attempts with non-existing user names do contain the source IP address: sshd[30576]: Invalid user condor from 62.201.70.8 But this is true on both CentOS 5 and 6, so it's apparently the way OpenSSH decided to do things, and cannot be remedied by the distribution. -- Tilman Schmidt Phoenix Software GmbH Bonn, Germany
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
