Public bug reported: I'm working on Ubuntu 20, x86_64, fully patched.
# lsb_release -a Distributor ID: Ubuntu Description: Ubuntu 20.04.2 LTS ... We are seeing reports of failed password-based logins using root: jounralctl -xe ... Apr 01 09:08:21 localhost sshd[239302]: Failed password for root from 49.88.112.77 port 36206 ssh2 Apr 01 09:08:21 localhost sshd[239302]: Failed password for root from 49.88.112.77 port 36206 ssh2 ... There are three attempts every second or two (literally): # journalctl -xe | grep -i -c 'Failed password for root' 324 Our OpenSSH server is configured with both no-password based logins and no-root logins. # ls /etc/ssh/sshd_config.d/ 10_pubkey_auth.conf 20_disable_root_login.conf # cat /etc/ssh/sshd_config.d/10_pubkey_auth.conf # Disable passwords PasswordAuthentication no ChallengeResponseAuthentication no UsePAM no # Enable public key PubkeyAuthentication yes # cat /etc/ssh/sshd_config.d/20_disable_root_login.conf PermitRootLogin no The config files are included last in our /etc/ssh/sshd_config file: # tail -n 3 /etc/ssh/sshd_config # For some reason OpenSSH does not include additional conf files by default. Include /etc/ssh/sshd_config.d/*.conf I dislike modifying /etc/ssh/sshd_config since it will be overwritten by the distro. With that said, I modified it without success. It really annoys me that we can't secure this service. Something looks very broken here. ----- # apt-cache show openssh-server Package: openssh-server Architecture: amd64 Version: 1:8.2p1-4ubuntu0.2 Multi-Arch: foreign Priority: optional Section: net Source: openssh Origin: Ubuntu Maintainer: Ubuntu Developers <[email protected]> Original-Maintainer: Debian OpenSSH Maintainers <[email protected]> Bugs: https://bugs.launchpad.net/ubuntu/+filebug ** Affects: openssh (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1922212 Title: SSHD does not honor configuration files To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1922212/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
