missing regexp for ssh

Bug #153092 reported by Nicolas Valcarcel
Affects Status Importance Assigned to Milestone
fail2ban (Ubuntu)

Bug Description

Binary package hint: fail2ban

The current configuration shipped with version 0.7.6-3ubuntu1 of
fail2ban fails to catch failed login attempts for valid users.

Replacing the following line in /etc/fail2ban/filter.d/sshd.conf:

(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|
nvalid))? user .*(?: from|FROM) <HOST>


(?:Authentication failure|Failed [-/\w+]+) for .*(?: from|FROM) <HOST>

remedies this. Just tested it from 2 remote hosts to my machine, and it
catches wrong passwords as well as empty passwords, like the old rule
did, but this time also for existing users.

Reported at https://lists.ubuntu.com/archives/ubuntu-motu/2007-October/002448.html

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. This particular bug has already been reported and is a duplicate of bug #152964, so it is being marked as such. Please look at the other bug report to see if there is any missing information that you can provide, or to see if there is a workaround for the bug. Additionally any further discussion regarding the bug should occur in the other report. Feel free to continue to report any other bugs you may find.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers