https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234793
[email protected] changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] | |t --- Comment #20 from [email protected] --- Just chiming in.. It has been like this for a good while: SELECT COUNT(1) FROM logs WHERE program = 'sshd' AND msg like 'Failed unknown for %'; +----------+ | COUNT(1) | +----------+ | 17695 | +----------+ First entry: 2019-01-07 17:33:52 (aka the same day as I upgraded to 12.0 on that server). Full sshd.conf: PermitRootLogin no StrictModes yes MaxAuthTries 2 AllowGroups sshlogin AuthorizedKeysFile .ssh/authorized_keys ChallengeResponseAuthentication yes UsePAM yes UseDNS no Subsystem sftp /usr/libexec/sftp-server AuthenticationMethods publickey,keyboard-interactive pam.d/sshd: auth required /usr/local/lib/pam_google_authenticator.so nullok auth required /usr/local/lib/pam_ldap.so account required pam_nologin.so account required pam_login_access.so account sufficient /usr/local/lib/pam_ldap.so no_warn ignore_authinfo_unavail ignore_unknown_user account required pam_unix.so session required pam_permit.so password sufficient /usr/local/lib/pam_ldap.so no_warn ignore_authinfo_unavail ignore_unknown_user password required pam_unix.so I may have missed something glaringly obvious, but so far, I've just put the line "Failed unknown for" on whitelists.. The config, both for sshd and pam, is an almost word-for-word copy from the linux install the server used to have, where this message did not occur. -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "[email protected]"
