On Tue, 1 Aug 2000 [EMAIL PROTECTED] wrote:
> Actualy, I don't have 'login failers'. I just can't
> connect! "Connection refused", not login failer! I do not get login
> prompt at all!
Correct... However, per inetd(8), wrapped services log failed attempts
using the auth syslog facility.
> 'host' is ok in both directions (host <name> and host <ip> gives the
> same name/IP). Can I assume resolving is ok ?
You did this from your server, not your home system, correct? Just
checking, since inetd will obviouslly be using the DNS of your server to
see if a given host is allowed. Do you have the same problem if you
comment out the PARANOID line in /etc/hosts.allow?
#ALL : PARANOID : RFC931 20 : deny
What's a traceroute look like from the disallowed connection to the
server, and from the server to your disallowed IP?
> If i could force things to be logged somehow :-) I can send my
> /etc/syslog.conf if it will be of help ?
Hmm, I understand your pain... I just attempted to make sshd log failed
attempts and... I must be overlooking something really simple, because
it's not working.
I looked at inetd(8) and sshd(8).
I have the following in /etc/ssh/sshd_config by default:
SyslogFacility AUTH
LogLevel INFO
So I created the following in /etc/syslog.conf (Yes, those are tabs):
auth.* /var/log/auth.log
In sshd_config I even tried bumping LogLevel up to VERBOSE. I touched
/var/log/auth.log and it is writeable by syslogd.
I then removed an allow rule for one of my boxes, ssh'd in, and got denied
without anything being logged to auth.log. Sshd is standalone... So
logging behavior relating to inetd shouldn't matter, but I noticed mention
of daemon.* being used by inetd so tried logging those too... Still
nothing.
Hmm.
-mrh
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-stable" in the body of the message
