ssh error in /var/log/secure

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Hi -

I just bought a xen VPS and am running CentOS 5 on it (updated to 5.2).
With all my personal machines sitting at home behind a router with all ports (except for BitTorrent) closed - I had forgotten how frequent brute force ssh attacks are, but within a day, the log was loaded with them.

So I did two things - I installed and configured pam_abl and I moved the ssh port to 1294 ( a > 1024 number that means something to me so easy to remember) and then blocked port 22 in iptables.

Interestingly - after installing pam_able before I configured and restarted sshd, pam_able was already building a database of hosts - the attacks were that frequent. Nothing after restarting sshd on the new port though, at least so far.

Anyway - while the server is working on the new port and I can connect, I noticed this error:

Oct  4 09:01:25 li34-4 sshd[2305]: Server listening on :: port 1294.
Oct 4 09:01:25 li34-4 sshd[2305]: error: Bind to port 1294 on 0.0.0.0 failed:
Address already in use.

Is that caused by a mis-configuration on my part?
The only change I made to sshd was the Port directive (root login was already disabled in the xen image I started from)

It looks like it is listening on the port and then trying to bind to the port a second time.

Is that from having two IPs on the same nic (eth0 and eth0:1) ?
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux