Package: openssh-server Version: 1:6.0p1-3 Severity: minor Tags: upstream Please consider to log the IP instead of the reverse DNS entry in the following log message: sshd[22199]: PAM 3 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns1.onemessageministries.org user=root I know that SSH checks forward and reverse DNS and emits a warning if they don't match (and it could be that it would log the IP if there was a problem), but there is really no reason to log reverse DNS rather than the IP, is there? -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.5-trunk-amd64 (SMP w/4 CPU cores) Locale: LANG=en_NZ, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages openssh-server depends on: ii adduser 3.113+nmu3 ii debconf [debconf-2.0] 1.5.46 ii dpkg 1.16.9 ii libc6 2.13-37 ii libcomerr2 1.42.5-1 ii libgssapi-krb5-2 1.10.1+dfsg-3 ii libkrb5-3 1.10.1+dfsg-3 ii libpam-modules 1.1.3-7.1 ii libpam-runtime 1.1.3-7.1 ii libpam0g 1.1.3-7.1 ii libselinux1 2.1.9-5 ii libssl1.0.0 1.0.1c-4 ii libwrap0 7.6.q-24 ii lsb-base 4.1+Debian9 ii openssh-client 1:6.0p1-3 ii procps 1:3.3.4-2 ii zlib1g 1:1.2.7.dfsg-13 Versions of packages openssh-server recommends: pn ncurses-term <none> ii openssh-blacklist 0.4.1+nmu1 ii openssh-blacklist-extra 0.4.1+nmu1 ii xauth 1:1.0.7-1 Versions of packages openssh-server suggests: ii molly-guard 0.4.5-1 ii monkeysphere 0.35-2 pn rssh <none> ii ssh-askpass-gnome [ssh-askpass] 1:6.0p1-3 pn ufw <none> -- debconf information excluded -- .''`. martin f. krafft <madduck@d.o> Related projects: : :' : proud Debian developer http://debiansystem.info `. `'` http://people.debian.org/~madduck http://vcs-pkg.org `- Debian - when you have better things to do than fixing systems
Attachment:
digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)