| 1 |
On Thu, Mar 19, 2009 at 10:36 AM, Johan Blåbäck |
| 2 |
<johan.bluecreek@×××××.com> wrote: |
| 3 |
> I've always had usernames when it comes to sshd's log entries in |
| 4 |
> auth.log, like the following: |
| 5 |
> |
| 6 |
> <time> <hostname> sshd[5926]: error: PAM: Authentication failure for |
| 7 |
> <username> from <ip-adress> |
| 8 |
|
| 9 |
Well, I don't use PAM, just key-based authentication only, so I always |
| 10 |
see only the IP getting rejected since it doesn't even give them a |
| 11 |
place to try a user/password :) It's just weird that it is refusing a |
| 12 |
connection from user@domain rather than simply the IP. I guess they |
| 13 |
could be trying to ssh user@××××××.net or something. The one with |
| 14 |
[U2FsdGVkX19g32YZVKMsQkl+mouWITILOicY4Iq9OQo=] as the username is |
| 15 |
interesting. I wonder what that's all about. |
Archives