Recently I have been seeing lots of connections to my sshd trying to guess
passwords.  One thing I noticed was the hostname reported in the auth.log
without reverse dns.  sshd never puts in the ip address, this is all I see:

sshd[14450]: error: PAM: authentication error for illegal user access from

Is it possible to get pam or sshd or whatever is ultimatly logging this to
put the ip address in the log so I can see where this is really coming from?

Michael Grant
_______________________________________________ mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to