Menu
▾
▴
Re: [Sshguard-users] sshguard-1.5-r1 on gentoo: log entries missed
|
From: Mij <mi...@ss...> - 2010-03-11 19:25:29
|
On Mar 11, 2010, at 12:22 , Robert S wrote: > I have been getting a lot of these messages: > > Mar 11 13:40:36 myhost sshd[30548]: User root from 202.111.128.225 not allowed because none of user's groups are listed in AllowGroups > > These are not triggering any response to sshguard. I have the following line in my /etc/ssh/sshd_config: > > AllowGroups ssh_users > > Is there some way that sshgurard can be got to respond to these? Alternatively is it possible to activate the firewall after an attempted root login? It seems that the "pattern submission" feature is still not apparent enough :) Please submit to http://www.sshguard.net/support/attacks/submit/ This is an interesting case, I'll bump up its priority. |
