On Tue, 18 Aug 2009 20:24:31 -0400 =?iso-8859-1?B?RnLpZOlyaWMgQnJp6HJl?= <fbri...@fbriere.net> wrote: > On Fri, Jan 02, 2009 at 10:21:51AM +0100, Jan Evert van Grootheest wrote: > > Package: logcheck-database > > Version: 1.2.68 > > > > It has now started to spam the logs with lots of > > Jan 2 09:22:57 sisko sshd[28511]: pam_unix(sshd:auth): authentication > > failure; logname= uid=0 euid=0 tty=ssh ruser= > > rhost=host92-22-static.38-79-b.business.telecomitalia.it user=root > > This is a duplicate of #444470, which was fixed a while ago. (The fix > was actually part of 1.2.64, so I'm assuming you filed this report from > a different machine.) > > > And on another system the same is happening for imapd. > > Are we talking about cyrus-imapd-2.2? Could you provide an example?
This bug is from 2009, and has been tagged moreinfo for much of that time: i fear the world has moved on: - logcheck-database filters messages from pam for successful login - most people would want to know about authentication failures, especially since root is not allowed to ssh in by default these days - those that get too many authentication failures can and should add their local rule, but i dont see a case to filter such methods by default - there isnt really anything actionable in this report anyway Therefore: closing it - anyone is feel free to reopen!