[gentoo-user] sshd security question

Thu, 21 Apr 2005 10:51:41 -0700 

I'm running sshd on my personal computer to be able to log in from
different machines. To tighten security without disabling pam i've
created a user which is not in groop weel, and configured ssh to accept
logins for this user only. By the way all passwords on my system are
well choosen and should be invulnerable to dictonary attacs.

As # cat /var/log/sshd/current  normaly looks something like

 Apr 21 15:17:26 [sshd] Did not receive identification string from
211.20.75.83
Apr 21 18:05:16 [sshd] Invalid user test from 213.244.22.178
Apr 21 18:05:16 [sshd] reverse mapping checking getaddrinfo for
reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT!
Apr 21 18:05:16 [sshd] User guest not allowed because shell /dev/null is
not executable
Apr 21 18:05:16 [sshd] reverse mapping checking getaddrinfo for
reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT!
Apr 21 18:05:17 [sshd] Invalid user admin from 213.244.22.178
Apr 21 18:05:17 [sshd] reverse mapping checking getaddrinfo for
reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT!
Apr 21 18:05:17 [sshd] Invalid user admin from 213.244.22.178
Apr 21 18:05:17 [sshd] reverse mapping checking getaddrinfo for
reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT!
Apr 21 18:05:18 [sshd] Invalid user user from 213.244.22.178
Apr 21 18:05:18 [sshd] reverse mapping checking getaddrinfo for
reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT!
                - Last output repeated twice -
Apr 21 18:05:18 [sshd] User root not allowed because not listed in
AllowUsers
Apr 21 18:05:19 [sshd] reverse mapping checking getaddrinfo for
reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT!
Apr 21 18:05:19 [sshd] User root not allowed because not listed in
AllowUsers
Apr 21 18:05:20 [sshd] reverse mapping checking getaddrinfo for
reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT!
Apr 21 18:05:20 [sshd] User root not allowed because not listed in
AllowUsers
Apr 21 18:05:20 [sshd] Invalid user test from 213.244.22.178
Apr 21 18:05:20 [sshd] reverse mapping checking getaddrinfo for
reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT!
Apr 21 19:02:44 [sshd] Did not receive identification string from
62.193.229.154

i would like to know if sshd is really secure as long as nobody who
shouldn't has the correct username and password.

thanks
antonio
-- 
gentoo-user@gentoo.org mailing list

Reply via email to