Hi everyone,
I have recently setup ssh so I can access my computer from work. I will use keys and disable password based access but have not done so yet. I thought that I had disabled root access but I guess not:
Quote:
Dec 15 08:07:18 debby sshd[9244]: Did not receive identification string from 200
.232.53.58
Dec 15 08:10:45 debby sshd[9251]: pam_unix(sshd:auth): authentication failure; l
ogname= uid=0 euid=0 tty=ssh ruser= rhost=ns1.teleeventos.com.br user=root
Dec 15 08:10:47 debby sshd[9251]: Failed password for root from 200.232.53.58 po
rt 46974 ssh2
Dec 15 08:10:56 debby sshd[9253]: pam_unix(sshd:auth): authentication failure; l
ogname= uid=0 euid=0 tty=ssh ruser= rhost=ns1.teleeventos.com.br user=root
Dec 15 08:10:58 debby sshd[9253]: Failed password for root from 200.232.53.58 po rt 47109 ssh2
|
Now I have just tested it after setting turning off root access:
Quote:
Dec 15 11:42:14 debby sshd[9802]: reverse mapping checking getaddrinfo for 4.red [88.27.185.4] failed - POSSIBLE BREAK-IN ATTEMPT!
Dec 15 11:42:23 debby sshd[9802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.27.185.4 user=root
Dec 15 11:42:25 debby sshd[9802]: Failed password for root from 88.27.185.4 port 13941 ssh2
|
So it still lets you think you can log in as root (from a seperate internet connection) and just says access denied?
Also is there anything I can do about this person at 200.232.53.58 trying to access my computer or should I just ignore them?