Public bug reported: Binary package hint: fail2ban
The current configuration shipped with version 0.7.6-3ubuntu1 of fail2ban fails to catch failed login attempts for valid users. Replacing the following line in /etc/fail2ban/filter.d/sshd.conf: (?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal| nvalid))? user .*(?: from|FROM) <HOST> with (?:Authentication failure|Failed [-/\w+]+) for .*(?: from|FROM) <HOST> remedies this. Just tested it from 2 remote hosts to my machine, and it catches wrong passwords as well as empty passwords, like the old rule did, but this time also for existing users. Reported at https://lists.ubuntu.com/archives/ubuntu- motu/2007-October/002448.html ** Affects: fail2ban (Ubuntu) Importance: Undecided Status: New -- missing regexp for ssh https://bugs.launchpad.net/bugs/153092 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
