IMAP List Administration
2016-Mar-29 11:23 UTC
request: add IP address to a log message to allow blocking
Hello, I'm seeing a lot of messages like this: fatal: Read from socket failed: Connection reset by peer [preauth] I presume they are the result of someone trying a brute-force attack of some kind, and would like to ban the attacker, but cannot, because the IP address is missing. If you haven't already, an you please add the IP address to this message, and any similar messages? I'm using version 6.7p1. thanks, Rob
Damien Miller
2016-Mar-29 22:10 UTC
request: add IP address to a log message to allow blocking
On Tue, 29 Mar 2016, IMAP List Administration wrote:> Hello, > > I'm seeing a lot of messages like this: > > fatal: Read from socket failed: Connection reset by peer [preauth] > > I presume they are the result of someone trying a brute-force attack of some > kind, and would like to ban the attacker, but cannot, because the IP address is > missing. > > If you haven't already, an you please add the IP address to this message, and > any similar messages? I'm using version 6.7p1.I actually added that recently. It will be in openssh-7.3, due in a couple of months. -d
Daniel Kahn Gillmor
2016-Mar-29 22:22 UTC
request: add IP address to a log message to allow blocking
On Tue 2016-03-29 18:10:00 -0400, Damien Miller wrote:> On Tue, 29 Mar 2016, IMAP List Administration wrote: >> If you haven't already, an you please add the IP address to this message, and >> any similar messages? I'm using version 6.7p1. > > I actually added that recently. It will be in openssh-7.3, due in a > couple of months.Will it be configurable? There are situations where people actively don't want to have any IP addresses logged for legal reasons, and ideally it would be easy to get diagnostics without risks of IP addresses being written to log storage. --dkg
Seemingly Similar Threads
- [Bug 1506] New: rationalize agent behavior on smartcard removal/reattachment
- [Bug 1777] New: KnownHostsCommand
- [Bug 1984] New: Add Unix Domain Socket Forwarding
- ssh-keygen -r should support SSHFP records for ECDSA (or at least return non-zero error code on failure)
- Creating users "on - the - fly"