Hrm, looking upstream /usr/share/logwatch/scripts/services/sshd (which
is the same in Xenial):
($ThisLine =~ m/^pam_sss\(sshd:.*\)/) or
-- {
# Ignore these
}
Can you confirm that still happens with the latest code?
But, the pam_krb5 and pam_ldap ones reported seem to be genuine
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: logwatch (Ubuntu)
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to logwatch in Ubuntu.
I have a similar problem for other sshd authentication methods.
**Unmatched Entries**
pam_krb5(sshd:auth): user [CENSORED] authenticated as [CENSORED] : 3 time(s)
pam_ldap(sshd:auth): Authentication failure; user=[CENSORED] : 3 time(s)
pam_krb5(sshd:auth): authentication failure;
** Changed in: logwatch (Ubuntu)
Importance: Undecided = Medium
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to logwatch in Ubuntu.
https://bugs.launchpad.net/bugs/1060238
Title:
unmatched entries for sshd
To manage
