Bug 2043088
| Summary: | logwatch for sshd should recognize "Disconnected from authenticating user" failed logins | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Jonathan Kamens <h1k6zn2m> | ||||
| Component: | logwatch | Assignee: | Pavel Šimovec <psimovec> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Karel Volný <kvolny> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | CentOS Stream | CC: | bstinson, jwboyer, psimovec | ||||
| Target Milestone: | rc | Keywords: | Triaged | ||||
| Target Release: | --- | Flags: | pm-rhel:
mirror+
|
||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | logwatch-7.4.3-13.el8 | Doc Type: | If docs needed, set a value | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2023-11-14 15:51:44 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (logwatch bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2023:7180 |
Created attachment 1852220 [details] Patch to logwatch sshd script to recognize login failures Logwatch should recognize messages like these as failed logins: Jan 20 00:01:35 hostname sshd[269862]: Disconnected from authenticating user root 92.255.85.135 port 17038 [preauth] See attached patch.