Yuri
2023-Jun-05 06:24 UTC
[feature suggestion] sshd should log the listening port number while logging errors/warnings
I have sshd listening on several ports for various reasons. sshd periodically logs errors like these: > Jun? 4 22:52:52 xx sshd[30708]: error: Fssh_kex_exchange_identification: banner line contains invalid characters This message would be a lot more helpful if it would contain the port number for this connection. It would be easier to figure out where offending connections come from. Thanks, Yuri
Darren Tucker
2023-Jun-05 06:59 UTC
[feature suggestion] sshd should log the listening port number while logging errors/warnings
On Mon, 5 Jun 2023 at 16:29, Yuri <yuri at rawbw.com> wrote:> ssh_kex_exchange_identification: banner line contains invalid characters[...]> It would be easier to figure out where offending connections come from.The subsequent log line from sshpkt_fatal contains the source address and port of that connection: $ sudo `pwd`/sshd -ddd -p 2022 [...] kex_exchange_identification: banner line contains invalid characters banner exchange: Connection from 127.0.0.1 port 52410: invalid format -- Darren Tucker (dtucker at dtucker.net) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.