nologin: Attempted login by UNKNOWN

To: Debian users-ca SPM <debian-user-catalan@lists.debian.org>
Subject: nologin: Attempted login by UNKNOWN
From: Narcis Garcia <debianlists@actiu.net>
Date: Fri, 24 May 2024 09:15:06 +0200
Message-id: <[🔎] 31e637cb-d5a3-4db2-afaa-407d7e93d1e1@actiu.net>

Bon dia,

M'agradaria saber, si algú ho sap explicar o té referències, què és elquè fa que s'enregistrin aquestes temptatives d'inici de sessió quanarrenca el sistema operatiu:


$ sudo journalctl -b -p err

may 24 08:54:23 system nologin[11802]: Attempted login by UNKNOWN (UID:1) on UNKNOWNmay 24 08:54:24 system nologin[11846]: Attempted login by UNKNOWN (UID:2) on UNKNOWNmay 24 08:54:24 system nologin[11875]: Attempted login by UNKNOWN (UID:3) on UNKNOWNmay 24 08:54:24 system nologin[11933]: Attempted login by UNKNOWN (UID:5) on UNKNOWNmay 24 08:54:25 system nologin[11962]: Attempted login by UNKNOWN (UID:6) on UNKNOWNmay 24 08:54:25 system nologin[11997]: Attempted login by UNKNOWN (UID:7) on UNKNOWNmay 24 08:54:25 system nologin[12038]: Attempted login by UNKNOWN (UID:8) on UNKNOWNmay 24 08:54:25 system nologin[12069]: Attempted login by UNKNOWN (UID:9) on UNKNOWNmay 24 08:54:25 system nologin[12098]: Attempted login by UNKNOWN (UID:10) on UNKNOWNmay 24 08:54:25 system nologin[12128]: Attempted login by UNKNOWN (UID:13) on UNKNOWNmay 24 08:54:26 system nologin[12157]: Attempted login by UNKNOWN (UID:33) on UNKNOWNmay 24 08:54:26 system nologin[12186]: Attempted login by UNKNOWN (UID:34) on UNKNOWNmay 24 08:54:26 system nologin[12215]: Attempted login by UNKNOWN (UID:38) on UNKNOWNmay 24 08:54:26 system nologin[12244]: Attempted login by UNKNOWN (UID:39) on UNKNOWNmay 24 08:54:26 system nologin[12284]: Attempted login by UNKNOWN (UID:42) on UNKNOWNmay 24 08:54:27 system nologin[12313]: Attempted login by UNKNOWN (UID:65534) on UNKNOWNmay 24 08:54:27 system nologin[12349]: Attempted login by UNKNOWN (UID:998) on UNKNOWNmay 24 08:54:27 system nologin[12420]: Attempted login by UNKNOWN (UID:997) on UNKNOWNmay 24 08:54:27 system nologin[12450]: Attempted login by UNKNOWN (UID:100) on UNKNOWNmay 24 08:54:27 system nologin[12481]: Attempted login by UNKNOWN (UID:101) on UNKNOWN

Justament coincideix amb els comptes d'usuari que tenen assignatl'intèrpret «nologin», i en el mateix ordre:

$ cat /etc/passwd | cut -f 1,3,7 -d ':' | grep -e nologin
daemon:1:/usr/sbin/nologin
bin:2:/usr/sbin/nologin
sys:3:/usr/sbin/nologin
games:5:/usr/sbin/nologin
man:6:/usr/sbin/nologin
lp:7:/usr/sbin/nologin
mail:8:/usr/sbin/nologin
news:9:/usr/sbin/nologin
uucp:10:/usr/sbin/nologin
proxy:13:/usr/sbin/nologin
www-data:33:/usr/sbin/nologin
backup:34:/usr/sbin/nologin
list:38:/usr/sbin/nologin
irc:39:/usr/sbin/nologin
_apt:42:/usr/sbin/nologin
nobody:65534:/usr/sbin/nologin
systemd-network:998:/usr/sbin/nologin
systemd-timesync:997:/usr/sbin/nologin
messagebus:100:/usr/sbin/nologin
sshd:101:/usr/sbin/nologin

Gràcies.

--

Narcis Garcia

__________

I'm using this dedicated address because personal addresses aren'tmasked enough at this mail public archive. Public archive administratorshould remove and omit any @, dot and mailto combinations againstautomated addresses collectors.

Reply to:

Prev by Date: Re: Tarja de xarxa intel I219-LM
Next by Date: Thunderbolt i debian 12: Thinkpad x390
Previous by thread: Re: Tarja de xarxa intel I219-LM
Next by thread: Thunderbolt i debian 12: Thinkpad x390
Index(es):
- Date
- Thread