Package: ssh Version: 1:3.8.1p1-8.sarge.4 Severity: normal Hello
At least if there would have been a break-in, I surely would be very interested in knowing which IP tried to login as 'backup': sshd[19059]: User backup not allowed because not listed in AllowUsers The IP is printed in other messages like this one: sshd[19065]: Illegal user tomcat from ::ffff:211.151.248.232 bye, -christian- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]