You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
26 lines
570 B
Plaintext
26 lines
570 B
Plaintext
7 years ago
|
# Fail2Ban configuration file for SELinux ssh authentication errors
|
||
|
#
|
||
|
|
||
|
[INCLUDES]
|
||
|
|
||
|
after = selinux-common.conf
|
||
|
|
||
|
[Definition]
|
||
|
|
||
|
_type = USER_(ERR|AUTH)
|
||
|
_uid = 0
|
||
|
_auid = \d+
|
||
|
_subj = (?:unconfined_u|system_u):system_r:sshd_t:s0-s0:c0\.c1023
|
||
|
|
||
|
_exe =/usr/sbin/sshd
|
||
|
_terminal = ssh
|
||
|
|
||
|
_msg = op=\S+ acct=(?P<_quote_acct>"?)\S+(?P=_quote_acct) exe="%(_exe)s" hostname=(\?|(\d+\.){3}\d+) addr=<HOST> terminal=%(_terminal)s res=failed
|
||
|
|
||
|
# DEV Notes:
|
||
|
#
|
||
|
# Note: USER_LOGIN is ignored as this is the duplicate messsage
|
||
|
# ssh logs after 3 USER_AUTH failures.
|
||
|
#
|
||
|
# Author: Daniel Black
|