Nils Breunese (Lemonbit) wrote: > john decot wrote: > >> I have tried it up but whenever I used wrong key it doesn't show >> any log in server. With right key authentication and phrases I am able >> to get log of acceptance in auth.log. Again with password >> authentication it is working fine. >> So, could you tell me where will be the location of the failure of >> public key authentication method. > > I don't know if failed public key auth attempts are logged. It appears > they aren't, at least on your system.
Correct, sshd works by trying public key first, if it fails it tries the alternatives (password is one), finally gives up. If there are no alternatives I have not tested what, if anything, is entered in the log; for what is worth I also have never heard of a pub.key attack (what's the odds 1 in 10 billion?, certainly much lower than trying passwords). >> And one more question can we use denyhosts for ftp attacks as >> well as sshd attacks simultaneously. could anyone tell me what will be >> the parameter i have to set in >> SECURE_LOG = > > I have no idea. We're not using DenyHosts at the moment. We're currently > evaluating Fail2ban and I do know Fail2ban can do this. I'm just on this > list to keep myself informed about these kinds of tools. Me too use fail2ban for that, with DenyHosts there are some success reports on the list, they monitor one log (syslog or messages) and just add an extra regular expression that matches what the ftp server writes -- the format depends on the server, I had to change fail2ban regex to use proFtpd. -- René Berber ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
