Re: intrusion via ssh
On Thu, Mar 31, 2005 at 12:55:46PM +0200, Frederic Guillet wrote:
> I have about 500 attemps with different usernames and the same IP so i
> guess it is a robot which is trying to enter my system.
Use /etc/hosts.deny to block that IP address. You can also achieve
similar results in the /etc/ssh/sshd_config file. As for whether or no
the session was actually opened, that information is being logged to
/var/log/auth.log by default.
--
Find my Techno-Geek Journal at http://www.codegnome.org/geeklog/
Reply to: