Thanks for the update Phil. I did a little digging around and have added:
UseDNS no to sshd_config. Hopefully that should only report ip addresses. Posting to list in case this helps anyone. Cheers. Nazar. 2009/4/7 Phil Schwartz <[email protected]> > > DH doesn't handle reverse DNS by default. You can create custom regexes > to do it but it would be best if your sshd server was configured to > log ip addresses rather than FQDN's. > > Regards, > > Phil > > On Tue, 7 Apr 2009, Nazar Aziz wrote: > > > Hi There. > > > > There might be an issue with DenyHost's reverse DNS name lookup. > > > > My sshd logs show: > > > > Apr 7 11:08:24 [sshd(pam_unix)] authentication failure; logname= uid=0 > > euid=0 tty=ssh ruser= rhost=144.14.103.87.rev.vodafone.pt user=root > > Apr 7 11:08:24 [sshd(pam_unix)] authentication failure; logname= uid=0 > > euid=0 tty=ssh ruser= rhost=144.14.103.87.rev.vodafone.pt user=root > > Apr 7 11:08:24 [sshd(pam_unix)] authentication failure; logname= uid=0 > > euid=0 tty=ssh ruser= rhost=144.14.103.87.rev.vodafone.pt user=root > > Apr 7 11:08:26 [sshd] error: PAM: Authentication failure for root from > > 144.14.103.87.rev.vodafone.pt > > Apr 7 11:08:26 [sshd] error: PAM: Authentication failure for root from > > 144.14.103.87.rev.vodafone.pt > > Apr 7 11:08:26 [sshd] error: PAM: Authentication failure for root from > > 144.14.103.87.rev.vodafone.pt > > > > Denyhosts log file shows: > > > > 2009-04-07 11:08:57,058 - denyhosts : INFO new denied hosts: > > ['144.14.103.87'] > > > > 144.14.103.87.rev.vodafone.pt should actually point to: 87.103.14.144 > > > > This is on Gentoo using DenyHosts 2.6-r1 > > > > I will have a look at the source tonight and report back with a patch, if I > > am able. > > > > Cheers. > > > > -- > Regards, > > Phil Schwartz > - http://www.phil-schwartz.com > > Open Source Projects: > - DenyHosts: http://www.denyhosts.net > - Kodos: http://kodos.sourceforge.net > - ReleaseForge: http://releaseforge.sourceforge.net > - Scratchy: http://scratchy.sourceforge.net > - FAQtor: http://faqtor.sourceforge.net > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by: > High Quality Requirements in a Collaborative Environment. > Download a free trial of Rational Requirements Composer Now! > http://p.sf.net/sfu/www-ibm-com > _______________________________________________ > Denyhosts-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/denyhosts-user ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
