Seems the fail2ban package needs an update to adapt to the changes that were introduced in openssh 9.8. Please see https://github.com/fail2ban/fail2ban/pull/3782 for the changes. Reproducible: Always
*** Bug 2315367 has been marked as a duplicate of this bug. ***
FEDORA-2024-9c06275445 (fail2ban-1.1.0-4.fc40) has been submitted as an update to Fedora 40. https://bodhi.fedoraproject.org/updates/FEDORA-2024-9c06275445
FEDORA-2024-a5f64b06b2 (fail2ban-1.1.0-4.fc41) has been submitted as an update to Fedora 41. https://bodhi.fedoraproject.org/updates/FEDORA-2024-a5f64b06b2
FEDORA-2024-9c06275445 has been pushed to the Fedora 40 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2024-9c06275445` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2024-9c06275445 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2024-a5f64b06b2 has been pushed to the Fedora 41 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2024-a5f64b06b2` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2024-a5f64b06b2 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Created attachment 2049687 [details] Boot log from 6.11.0-debug Filesystem was clean prior to booting 6.11.0-debug. Boot did not complete and locked up while still starting bootup services.
Comment on attachment 2049687 [details] Boot log from 6.11.0-debug Wrong bug.
It seems to me this update is not enough. The "journalmatch" expression in sshd.conf doesn't catch sessions with the new name. I worked around that by adding + _COMM=sshd-session to the other patterns. (With a "filter" line in jail.conf.) To be precise, this is how a record from the journal might look. It won't match with the original journal "matches". Sat 2024-10-05 18:44:40.403379 CEST [s=da69e653c4404dbaa83d8c46ce8dd0d1;i=689b400;b=846b16b360ff4fb78aebc9beaa79f881;m=46e3721af57;t=623bd81015680;x=dee65ca45d98a4fc] _UID=0 _SELINUX_CONTEXT=system_u:system_r:sshd_t:s0-s0:c0.c1023 _BOOT_ID=846b16b360ff4fb78aebc9beaa79f881 _MACHINE_ID=606ba17eef1ffa5a76fdb50047756efd _HOSTNAME=mimmi _RUNTIME_SCOPE=system _TRANSPORT=syslog PRIORITY=6 SYSLOG_FACILITY=10 SYSLOG_IDENTIFIER=sshd-session _GID=0 _CAP_EFFECTIVE=1ffffffffff _SYSTEMD_SLICE=system-sshd.slice _COMM=sshd-session _EXE=/usr/libexec/openssh/sshd-session _CMDLINE="sshd-session: [accepted]" _PID=3633286 _SYSTEMD_CGROUP=/system.slice/system-sshd.slice/sshd.125.225:22-2.80.45.73:54419.service _SYSTEMD_UNIT=sshd.125.225:22-2.80.45.73:54419.service _SYSTEMD_INVOCATION_ID=f3c29febc4144838b0024d47f74e8155 SYSLOG_PID=3633286 SYSLOG_TIMESTAMP=Oct 5 18:44:40 MESSAGE=Invalid user hcy from 2.80.45.73 port 54419 _SOURCE_REALTIME_TIMESTAMP=1728146680403379
I believe you are right and we need also https://github.com/fail2ban/fail2ban/commit/54c0effceb998b73545073ac59c479d9d9bf19a4
FEDORA-2024-9c06275445 (fail2ban-1.1.0-4.fc40) has been pushed to the Fedora 40 stable repository. If problem still persists, please make note of it in this bug report.
Thanks Dan. I just got back from vacation and was able to take a look.
FEDORA-2024-a5f64b06b2 (fail2ban-1.1.0-4.fc41) has been pushed to the Fedora 41 stable repository. If problem still persists, please make note of it in this bug report.