Openssh error to console - BSD

This is a discussion on Openssh error to console - BSD ; How do I turn off the feature that prints all openssh errors to the screen? I'm getting a lot of openssh attacks, but when they happen I can't block the IP because there are too many errors scrolling by. -- ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: Openssh error to console

  1. Openssh error to console

    How do I turn off the feature that prints all openssh errors to the screen?
    I'm getting a lot of openssh attacks, but when they happen I can't block
    the IP because there are too many errors scrolling by.

    --
    To contact me via email, substitute
    'aaronc' for 'spam' in my address.
    http://www.towerdata.com

  2. Re: Openssh error to console

    On 2005-10-24, Aaron Couts wrote:
    > How do I turn off the feature that prints all openssh errors to the screen?
    > I'm getting a lot of openssh attacks, but when they happen I can't block
    > the IP because there are too many errors scrolling by.


    I'm using OpenBSD 3.4.

    --
    To contact me via email, substitute
    'aaronc' for 'spam' in my address.
    http://www.towerdata.com

  3. Re: Openssh error to console

    Aaron Couts wrote:
    > On 2005-10-24, Aaron Couts wrote:
    >
    >>How do I turn off the feature that prints all openssh errors to the screen?
    >>I'm getting a lot of openssh attacks, but when they happen I can't block
    >>the IP because there are too many errors scrolling by.

    >
    >
    > I'm using OpenBSD 3.4.
    >

    I suggest looking in /etc/syslog.conf.

    I think you could potentially add a line like this

    !sshd
    *.* /var/log/sshlog

    and I think that will redirect all sshd syslog messages to whatever file
    you choose.

    Of course, if console messages give you the ****s, you could redirect
    all the /dev/console destinations to somewhere else.

    Ben

  4. Re: Openssh error to console

    On 2005-10-24, Ben O wrote:
    > Aaron Couts wrote:
    >> On 2005-10-24, Aaron Couts wrote:
    >>
    >>>How do I turn off the feature that prints all openssh errors to the screen?
    >>>I'm getting a lot of openssh attacks, but when they happen I can't block
    >>>the IP because there are too many errors scrolling by.

    >> I'm using OpenBSD 3.4.


    > I suggest looking in /etc/syslog.conf.


    I'll try that, thanks.

    --
    To contact me via email, substitute
    'aaronc' for 'spam' in my address.
    http://www.towerdata.com

  5. Re: Openssh error to console

    In article , spam@couts.org wrote:
    >On 2005-10-24, Ben O wrote:
    >> Aaron Couts wrote:
    >>> On 2005-10-24, Aaron Couts wrote:
    >>>
    >>>>How do I turn off the feature that prints all openssh errors to the screen?
    >>>>I'm getting a lot of openssh attacks, but when they happen I can't block
    >>>>the IP because there are too many errors scrolling by.
    >>> I'm using OpenBSD 3.4.


    >> I suggest looking in /etc/syslog.conf.


    >I'll try that, thanks.


    Question number one, what are you logged in as root to the console for?
    That's the only way I get stuff like that. Log in as somebody else and
    su.

    Also, did you look at /etc/ssh/sshd_config?

    And, assuming you added your own personl login to teh right groups,
    check out /var/log/authlog and search for sshd. I just do cat
    /var/log/authlog | grep sshd | less to get just the needed lines and
    then add another IP to the list in pf.conf and do pf -d ; pfctl -e to
    restart it without flushi NAT stuff and the like. (I'm not suphisticated
    enough to use the in-memory tables for pf.)

+ Reply to Thread