Hi,

After a recovery from a recent hacking (which my friend was
responsible for by setting the root password to root and allowing root ssh
login), I took some time to parse the logs. While looking, I noticed
that lastb wasn't returning anything.

In /var/log/auth.log, there was this message every time someone failed
to connect:

"sshd[5528]: Excess permission or bad ownership on file /var/log/btmp"

It turns out that sshd refuses to write to btmp if group/all have
read/write/execute access to the file. chmod 600 /var/log/btmp solves
the problem. But I know some people might find it useful to allow group
read access. Although, at the moment lastb is completely unusable, so
I suggest changing the permissions on the file.

_______________________________________________
arch mailing list
arch@archlinux.org
http://www.archlinux.org/mailman/listinfo/arch
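
An added example, not part of the original post: a shell audit that applies the rule as the post states it (any group or other permission bit on btmp stops sshd from recording failed logins). The function names and the reading of "bad ownership" as "not owned by uid 0" are assumptions, and `stat -c` is the GNU coreutils form.

```shell
#!/bin/sh
# Added example. Rule taken from the post: sshd skips the btmp write when
# group or other hold any permission bit. Assumption: "bad ownership" in
# the log message means the file is not owned by root (uid 0).

# btmp_mode_problems OCTAL_MODE OWNER_UID
# Prints one line per problem; returns 1 if any problem was found.
btmp_mode_problems() {
    mode=$1 uid=$2 rc=0
    perm=$(( 0$mode & 0777 ))          # leading 0 makes the value octal
    group=$(( (perm >> 3) & 7 ))
    other=$(( perm & 7 ))
    if [ "$group" -ne 0 ]; then
        echo "  group permission bits set (octal $group)"; rc=1
    fi
    if [ "$other" -ne 0 ]; then
        echo "  other permission bits set (octal $other)"; rc=1
    fi
    if [ "$uid" -ne 0 ]; then
        echo "  owner uid $uid is not root"; rc=1
    fi
    return $rc
}

# audit_btmp [FILE]: read mode and owner of the real file, then apply the rule.
audit_btmp() {
    file=${1:-/var/log/btmp}
    info=$(stat -c '%a %u' "$file") || return 2   # GNU stat: "600 0"
    btmp_mode_problems "${info% *}" "${info#* }"
}

# Constructed sample values (mode, owner uid), not taken from a real host.
for sample in "600 0" "640 0" "664 1000"; do
    set -- $sample
    if out=$(btmp_mode_problems "$1" "$2"); then
        echo "mode $1 uid $2: ok, failed logins would be recorded"
    else
        echo "mode $1 uid $2: write refused under the stated rule"
        echo "$out"
    fi
done
```

Under the rule as stated, mode 640 (group read) is flagged in the same way as a world-readable file. Run `audit_btmp` with no argument on a host to check the real /var/log/btmp.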
