I'm running sshd on my personal computer to be able to log in from different machines. To tighten security without disabling pam i've created a user which is not in groop weel, and configured ssh to accept logins for this user only. By the way all passwords on my system are well choosen and should be invulnerable to dictonary attacs.
As # cat /var/log/sshd/current normaly looks something like Apr 21 15:17:26 [sshd] Did not receive identification string from 211.20.75.83 Apr 21 18:05:16 [sshd] Invalid user test from 213.244.22.178 Apr 21 18:05:16 [sshd] reverse mapping checking getaddrinfo for reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT! Apr 21 18:05:16 [sshd] User guest not allowed because shell /dev/null is not executable Apr 21 18:05:16 [sshd] reverse mapping checking getaddrinfo for reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT! Apr 21 18:05:17 [sshd] Invalid user admin from 213.244.22.178 Apr 21 18:05:17 [sshd] reverse mapping checking getaddrinfo for reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT! Apr 21 18:05:17 [sshd] Invalid user admin from 213.244.22.178 Apr 21 18:05:17 [sshd] reverse mapping checking getaddrinfo for reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT! Apr 21 18:05:18 [sshd] Invalid user user from 213.244.22.178 Apr 21 18:05:18 [sshd] reverse mapping checking getaddrinfo for reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT! - Last output repeated twice - Apr 21 18:05:18 [sshd] User root not allowed because not listed in AllowUsers Apr 21 18:05:19 [sshd] reverse mapping checking getaddrinfo for reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT! Apr 21 18:05:19 [sshd] User root not allowed because not listed in AllowUsers Apr 21 18:05:20 [sshd] reverse mapping checking getaddrinfo for reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT! Apr 21 18:05:20 [sshd] User root not allowed because not listed in AllowUsers Apr 21 18:05:20 [sshd] Invalid user test from 213.244.22.178 Apr 21 18:05:20 [sshd] reverse mapping checking getaddrinfo for reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT! Apr 21 19:02:44 [sshd] Did not receive identification string from 62.193.229.154 i would like to know if sshd is really secure as long as nobody who shouldn't has the correct username and password. thanks antonio -- gentoo-user@gentoo.org mailing list