1 |
On Thu, Mar 19, 2009 at 10:36 AM, Johan Blåbäck |
2 |
<johan.bluecreek@×××××.com> wrote: |
3 |
> I've always had usernames when it comes to sshd's log entries in |
4 |
> auth.log, like the following: |
5 |
> |
6 |
> <time> <hostname> sshd[5926]: error: PAM: Authentication failure for |
7 |
> <username> from <ip-adress> |
8 |
|
9 |
Well, I don't use PAM, just key-based authentication only, so I always |
10 |
see only the IP getting rejected since it doesn't even give them a |
11 |
place to try a user/password :) It's just weird that it is refusing a |
12 |
connection from user@domain rather than simply the IP. I guess they |
13 |
could be trying to ssh user@××××××.net or something. The one with |
14 |
[U2FsdGVkX19g32YZVKMsQkl+mouWITILOicY4Iq9OQo=] as the username is |
15 |
interesting. I wonder what that's all about. |