[Bug 3457] New: Not logging login attempts until half of max lets bots try many times

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Jul 6 17:16:08 AEST 2022


https://bugzilla.mindrot.org/show_bug.cgi?id=3457

            Bug ID: 3457
           Summary: Not logging login attempts until half of max lets bots
                    try many times
           Product: Portable OpenSSH
           Version: 8.9p1
          Hardware: amd64
                OS: Linux
            Status: NEW
          Severity: security
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: ThellraAK at absurdlybored.com

cat auth.log | grep 46.101.X.Y | grep "preauth" | wc -l
    554

554 failed [preauth] from just today

For 46.101.X.Y number, fail2ban didn't even notice them

    :/var/log# cat fail2ban.log | grep 46.101.X.Y

Comes back with nothing.

I think this is caused by MaxAuthTries defaulting to 6, and only
logging after 3 failures, which seems to let an unlimited amount of
attempts without logging any failures.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list