Hello all,
I've been using Denyhosts now on both my boxes since mid to late February of
this year. I do have a question though, something I've come across in the
logfiles. I've been seeing this come up a lot over the past couple days, and
for whatever reason, my config-set regex seem to be missing this.
Nov 19 21:22:33 torpedo sshd[13036]: pam_unix(sshd:auth): authentication
failure
; logname= uid=0 euid=0 tty=ssh ruser= rhost=89-24-82-38.i4g.tmcz.cz
user=root
Nov 19 21:22:35 torpedo sshd[13034]: error: PAM: Authentication failure for
root
from 89-24-82-38.i4g.tmcz.cz
My regexes, as I have them are as follows:
FAILED_ENTRY_REGEX=error: PAM: authentication failure for
(?P<invalid>invalid user |illegal user )?(?P<user>.*?) from (::ffff:)?(?P<
host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
USERDEF_FAILED_ENTRY_REGEX=authentication failure.* ruser=
rhost=(?P<host>\S+) user=(?P<user>\S+)
... What am I screwing up? If anyone can unbreak me that would be greatly
appreciated.
Thanks,
James Homuth
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Denyhosts-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/denyhosts-user
