Menu
▾
▴
Re: [Sshguard-users] protecting a server with password authentication disabled
|
From: Henri S. <hen...@gm...> - 2016-04-20 02:19:04
|
> What version of SSHGuard are you using? SSHGuard version : 1.6.1 : OK, not the latest but it is fairly recent right? Note : This is SSHGuard was installed via brew on a Mac OS X system. I have confirmed that if password authentication enabled and you do not connect with a key and instead try to use a password, then it SSHGuard works great! > What pre-auth disconnect message showed up in the logs? Connection closed by 123.255.41.127 [preauth] If password authentication via PAM is enabled, then using the key to connect with say an incorrect user and attempting to use the key will cause SSHGuard to detect this. I suspect what causes the detection to work is the following line within the logs : input_userauth_request: invalid user test But the above line will not show up if PAM is disabled. If I have misunderstood, then please let me know. Hopefully it is something simple which will resolve this and allow SSHGuard to block the inbound connections when password authentication and PAM is disabled. Any ideas, happy to give them a try! -------------------------------------------------------------------- InstallPKG, an open source installation system. Install multiple apple .pkg and .mpkg files via the command line : http://www.lucid.technology/tools/installpkg |
