[Bug 2461] New: Source IP missing in log when no suitable key exchange method found

bugzilla-daemon Wed, 09 Sep 2015 20:15:16 -0700

https://bugzilla.mindrot.org/show_bug.cgi?id=2461


            Bug ID: 2461
           Summary: Source IP missing in log when no suitable key exchange
                    method found
           Product: Portable OpenSSH
           Version: 6.0p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: sshd
          Assignee: [email protected]
          Reporter: [email protected]

Log entries such as these lack the attackers IP address

When unneeded ciphers/macs/KexAlgorithms are removed -- we get:

Jan 12 20:17:28 <<REMOVED>> sshd[8888]: fatal: Unable to negotiate a
key exchange method [preauth]
Jan 12 20:19:16 <<REMOVED>> sshd[8890]: fatal: Unable to negotiate a
key exchange method [preauth]

This prevents fail2ban and others from doing some useful attack
mitigation. 

Also see:
http://lists.mindrot.org/pipermail/openssh-unix-dev/2015-January/033328.html

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2461] New: Source IP missing in log when no suitable key exchange method found

Reply via email to