missing regexp for ssh
Bug #153092 reported by
Nicolas Valcarcel
This bug report is a duplicate of:
Bug #152964: Attacks against valid users don't get caught.
Edit
Remove
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
fail2ban (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: fail2ban
The current configuration shipped with version 0.7.6-3ubuntu1 of
fail2ban fails to catch failed login attempts for valid users.
Replacing the following line in /etc/fail2ban/
(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|
nvalid))? user .*(?: from|FROM) <HOST>
with
(?:Authentication failure|Failed [-/\w+]+) for .*(?: from|FROM) <HOST>
remedies this. Just tested it from 2 remote hosts to my machine, and it
catches wrong passwords as well as empty passwords, like the old rule
did, but this time also for existing users.
Reported at https:/
To post a comment you must log in.
Thank you for taking the time to report this bug and helping to make Ubuntu better. This particular bug has already been reported and is a duplicate of bug #152964, so it is being marked as such. Please look at the other bug report to see if there is any missing information that you can provide, or to see if there is a workaround for the bug. Additionally any further discussion regarding the bug should occur in the other report. Feel free to continue to report any other bugs you may find.