diff -Nru openssh-6.6p1/debian/changelog openssh-6.6p1/debian/changelog
--- openssh-6.6p1/debian/changelog	2016-01-13 07:48:19.000000000 -0800
+++ openssh-6.6p1/debian/changelog	2016-01-14 13:56:09.000000000 -0800
@@ -1,3 +1,12 @@
+openssh (1:6.6p1-2ubuntu2.5) trusty-proposed; urgency=medium
+
+  * Backport upstream reporting of max auth attempts, so that fail2bail
+    and similar tools can learn the IP address of brute forcers.
+    (LP: #1534340)
+    - debian/patches/report-max-auth.patch
+
+ -- Kees Cook <kees@ubuntu.com>  Thu, 14 Jan 2016 13:56:03 -0800
+
 openssh (1:6.6p1-2ubuntu2.4) trusty-security; urgency=medium
 
   * SECURITY UPDATE: information leak and overflow in roaming support
diff -Nru openssh-6.6p1/debian/patches/report-max-auth.patch openssh-6.6p1/debian/patches/report-max-auth.patch
--- openssh-6.6p1/debian/patches/report-max-auth.patch	1969-12-31 16:00:00.000000000 -0800
+++ openssh-6.6p1/debian/patches/report-max-auth.patch	2016-01-14 10:39:40.000000000 -0800
@@ -0,0 +1,57 @@
+Description: backport upstream changes from 6.7:
+ Make the "Too many authentication failures" message include
+ the user, source address, port and protocol in a format similar to the
+ authentication success / failure messages.
+
+Index: openssh-6.6p1/auth1.c
+===================================================================
+--- openssh-6.6p1.orig/auth1.c	2015-03-31 12:58:15.000000000 -0700
++++ openssh-6.6p1/auth1.c	2015-04-21 11:17:55.292642652 -0700
+@@ -40,6 +40,7 @@
+ #endif
+ #include "monitor_wrap.h"
+ #include "buffer.h"
++#include "canohost.h"
+ 
+ /* import */
+ extern ServerOptions options;
+@@ -363,6 +364,13 @@
+ #ifdef SSH_AUDIT_EVENTS
+ 			PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES));
+ #endif
++			error("maximum authentication attempts exceeded for "
++				"%s%.100s from %.200s port %d %s",
++				authctxt->valid ? "" : "invalid user ",
++				authctxt->user,
++				get_remote_ipaddr(),
++				get_remote_port(),
++				compat20 ? "ssh2" : "ssh1");
+ 			packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
+ 		}
+ 
+Index: openssh-6.6p1/auth2.c
+===================================================================
+--- openssh-6.6p1.orig/auth2.c	2015-03-31 12:58:15.000000000 -0700
++++ openssh-6.6p1/auth2.c	2015-04-21 11:17:41.308441059 -0700
+@@ -49,6 +49,7 @@
+ #include "dispatch.h"
+ #include "pathnames.h"
+ #include "buffer.h"
++#include "canohost.h"
+ 
+ #ifdef GSSAPI
+ #include "ssh-gss.h"
+@@ -370,6 +371,13 @@
+ #ifdef SSH_AUDIT_EVENTS
+ 			PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES));
+ #endif
++			error("maximum authentication attempts exceeded for "
++				"%s%.100s from %.200s port %d %s",
++				authctxt->valid ? "" : "invalid user ",
++				authctxt->user,
++				get_remote_ipaddr(),
++				get_remote_port(),
++				compat20 ? "ssh2" : "ssh1");
+ 			packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
+ 		}
+ 		methods = authmethods_get(authctxt);
diff -Nru openssh-6.6p1/debian/patches/series openssh-6.6p1/debian/patches/series
--- openssh-6.6p1/debian/patches/series	2016-01-13 07:48:11.000000000 -0800
+++ openssh-6.6p1/debian/patches/series	2016-01-14 10:39:40.000000000 -0800
@@ -34,3 +34,4 @@
 CVE-2015-5352.patch
 CVE-2015-5600-2.patch
 CVE-2016-077x.patch
+report-max-auth.patch