Quote:
Originally Posted by evo2
That means that someone is trying to log into your machine over ssh using the username Ali.
Evo2.
|
But im the only one trying to login and even if someone is why cant I loging using my username and password ?
Mar 7 14:28:15 localhost pam: gdm-password[1815]: pam_unix(gdm-password:auth):
authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= user=fedora
Mar 7 14:28:24 localhost sshd[1531]: Received signal 15; terminating.
Mar 7 14:38:27 localhost sshd[1454]: Server listening on 0.0.0.0 port 22.
Mar 7 14:38:27 localhost sshd[1454]: Server listening on :: port 22.
Mar 7 14:38:44 localhost pam: gdm-password[1716]: pam_unix(gdm-password:auth):
authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= user=root
Mar 7 14:39:06 localhost pam: gdm-password[1752]: pam_selinux_permit(gdm-passwo
rd:auth): Cannot determine the user's name
Mar 7 14:39:06 localhost pam: gdm-password[1752]: pam_unix(gdm-password:auth):
check pass; user unknown
Mar 7 14:39:06 localhost pam: gdm-password[1752]: pam_unix(gdm-password:auth):
authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost=
Mar 7 14:39:06 localhost pam: gdm-password[1752]: pam_succeed_if(gdm-password:a
uth): error retrieving information about user
Mar 7 14:39:06 localhost pam: gdm-password[1752]: gkr-pam: error looking up user information for:
Mar 7 14:39:17 localhost pam: gdm-password[1762]: pam_unix(gdm-password:auth):
Mar 7 19:36:34 localhost userhelper[2850]: pam_timestamp(system-config-authentication:session): updated timestamp file `/var/run/sudo/root/unknown'
Mar 7 19:36:34 localhost userhelper[2854]: running '/usr/share/authconfig/authconfig-gtk.py ' with root privileges on behalf of 'root'
Mar 7 19:37:10 localhost userhelper[2873]: pam_timestamp(system-config-selinux:session): updated timestamp file `/var/run/sudo/root/unknown'
Mar 7 19:37:10 localhost userhelper[2876]: running '/usr/share/system-config-selinux/system-config-selinux.py ' with root privileges on behalf of 'root'
Mar 7 19:38:22 localhost userhelper[3100]: pam_timestamp(system-config-users:session): updated timestamp file `/var/run/sudo/root/unknown'
Mar 7 19:38:22 localhost userhelper[3103]: running '/usr/share/system-config-users/system-config-users ' with root privileges on behalf of 'root'
Mar 7 19:40:38 localhost pam: gdm-password[3202]: pam_unix(gdm-password:session): session opened for user root by (uid=0)
Mar 7 19:48:00 localhost passwd: pam_unix(passwd:chauthtok): password changed for aapanju
Mar 7 19:48:00 localhost passwd: gkr-pam: couldn't update the 'login' keyring password: no old password was entered
Mar 7 19:51:25 localhost userhelper[3867]: pam_timestamp(system-config-authentication:session): updated timestamp file `/var/run/sudo/root/unknown'
Mar 7 19:51:25 localhost userhelper[3870]: running '/usr/share/authconfig/authconfig-gtk.py ' with root privileges on behalf of 'root'
this is what all get from /var/log/secure if it makes any sense to you.
Could you suggest what I can do to be able to loging to my usual user ? or should i delete the user an create another user but than I will loose all data associated with that login.
I have disabled sshd as of now.