OpenSSH

From Fail2ban
Revision as of 21:59, 22 February 2007 by 212.41.77.100 (Talk) (Fixed bug #1664386)

Jump to: navigation, search

OpenSSH (Open Secure Shell) is a set of free software computer programs providing encrypted communication sessions over a computer network using the SSH protocol. It was created as an open alternative to the proprietary Secure Shell software. The project is led by Theo de Raadt from Calgary, Alberta in Canada.

From Wikipedia, the free encyclopedia



  • Aug 14 11:52:00 i60p295 sshd[11437]: Failed password for illegal user test123 from ::ffff:123.123.123.123 port 51381 ssh2
  • Aug 14 11:57:59 i60p295 sshd[12365]: Failed publickey for toto from ::ffff:123.123.123.123 port 51332 ssh2


Failregex

The regular expressions below are proposed failregex for this software. Multiple regular expressions for failregex will only work with a version of Fail2ban greater than or equal to 0.7.6.

The tag <HOST> in the regular expressions below is just an alias for (?:::f{4,6}:)?(?P<host>\S+). The replacement is done automatically by Fail2ban when adding the regular expression. At the moment, exactly one named group host or <HOST> tag must be present in each regular expression.

Please, before editing this section, propose your changes in the discussion page first.


  • Authentication failure for .* from <HOST>
  • Failed [-/\w]+ for .* from <HOST>
  • ROOT LOGIN REFUSED .* FROM <HOST>
  • [iI](?:llegal|nvalid) user .* from <HOST>