* Re: [gentoo-user] SSH won't restart
@ 2007-09-08 16:46 99% ` Alex Schuster
0 siblings, 0 replies; 1+ results
From: Alex Schuster @ 2007-09-08 16:46 UTC (permalink / raw
To: gentoo-user
Grant writes:
> I just upgraded ssh and when I try to restart I get:
>
> * Stopping sshd ... [ !! ]
>
> I don't see anything about it in '/var/log/sshd/current'. How can I
> figure out what is wrong? I'm a little nervous because I don't want
> to shut myself out of this remote server.
Uh-oh! I know how you feel, I also administrate remote servers. Is there
a /var/sun/sshd.pid containing the PID of the running sshd process (you can
get it via "pidof sshd")? Maybe it's missing, this would explain the
failure to stop.
If you think the upgrade is necessary and don't want to wait until you or
s.o. else has physical access in case sshd doesn't come up again, you could
try to restart sshd manually by issuing a "kill -SIGHUP $( pidof sshd )".
> I also noticed many "POSSIBLE BREAK-IN ATTEMPT!" log entries for
> usernames that don't exist. Anything I should do about that?
I emerged failtoban recently. This allows to monitor ssh attacks (also for
other services like ftp and courier), and denies the attacker's IP for a
while after some login failures. This keeps sshd logs short and enhances
security, in case there are users with simple passwords. Some days ago I
received 34 emails from fail2ban telling me about nightly couriersmtp
breakin attempts.
It does nt work out-of-the-box, but isn't too hard to configure. There are
some howtos, but be sure to read current ones, the configuration was
changed somewhere between version 0.6 and 0.8. I can mail you my configs if
you are interested.
Alex
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [relevance 99%]
Results 1-1 of 1 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2007-09-08 15:40 [gentoo-user] SSH won't restart Grant
2007-09-08 16:46 99% ` Alex Schuster
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox