Menu
▾
▴
[Sshguard-users] Mountain Lion sshd log lines not recognized
|
From: Adrian L. <ad...@lu...> - 2012-12-02 18:25:42
|
I've setup sshguard on OS X 10.8.2 "Mountain Lion". I've successfully integrated sshguard with the system's pf firewall; using interactive mode and the sample log lines I see new IPs blocked in pf. However actual failures are not being acted upon. Pasting log lines into sshguard interactive mode it appears log messages are not being parsed. Some sample sshd messages: Dec 2 03:26:16 server.example.com sshd[20830]: error: PAM: unknown user for illegal user richard from 82.221.99.229 via 1.2.3.4 Dec 2 10:04:32 server.example.com sshd[41143]: error: PAM: authentication error for root from badguy.comcast.net via 1.2.3.4 The "via 1.2.3.4" is the interface IP address of the logging server. -Adrian |
