Willem Jan Withagen <[email protected]> writes: > Digging in my logfiles .... , and its things like: > sshd[84942]: Disconnecting: Too many authentication failures [preauth] > > So errors/warnings without IP-nr. > > And I think I fixed it on one server to also write: > error: maximum authentication attempts exceeded for root from > 173.254.203.88 port 1042 ssh2 [preauth]
fail2ban should catch both of these since sshd will print a message for each failed authentication attempt before it prints a message about reaching the limit. > Are they still willing to accept changes to the old version that is > currently in base? No, why would they do that? DES -- Dag-Erling Smørgrav - [email protected] _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
