Re: Blockhosts and SSH Logging
max 1 wrote:
> I installed blockhosts on my openSUSE 11.0 Server, and it works so
> far.
>
> I have only got one problem left, which is the way SSH logs
> loginattempts. I get multiple of those lines:
>
>
> Code:
> --------------------
>
> Jul 9 15:40:34 s15313878 sshd[12273]: error: PAM: Authentication
> failure for root from 82-135-192-12.static.zebra.lt
> Jul 9 15:40:34 s15313878 sshd[12273]: error: PAM: Authentication
> failure for root from 82-135-192-12.static.zebra.lt
>
>
> --------------------
>
>
> THe only problem is that blockhosts won't block hostnames, it needs the
> IP.
>
> The question is, where do I change that special logentry so that it
> won't resolve the IP address?
You can try to disable dns lookups for sshd (daemon server). Edit
file /etc/ssh/sshd_config and set:
***
UseDNS no
***
Restart sshd daemon (rcsshd restart) and test again.
Please keep in mind this change may affect other services you have
configured to use with sshd. Just be sure this change will not affect them.
Greetings,
--
Camaleón
|