[Logcheck-commits] martin f. krafft: * ignore.d.server/ssh:
Martin F. Krafft
madduck at alioth.debian.org
Tue Jun 24 18:02:23 UTC 2008
Module: logcheck
Branch: master
Commit: 568bd3638c81831fa830902011714512167f3326
URL: http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=568bd3638c81831fa830902011714512167f3326
Author: martin f. krafft <madduck at debian.org>
Date: Tue Jun 24 18:59:53 2008 +0100
* ignore.d.server/ssh:
- ignore host-based auth logins; thanks to Tilman Koschnick
(closes: #483214)
---
debian/changelog | 3 +++
rulefiles/linux/ignore.d.server/ssh | 2 +-
2 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 12e26ef..68e75a1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -17,6 +17,9 @@ logcheck (1.2.65) unstable; urgency=low
to Daniel Hahler (closes: #484546).
* ignore.d.server/spamd:
- ignore child state K; thanks to Ross Boylan (closes: #484328).
+ * ignore.d.server/ssh:
+ - ignore host-based auth logins; thanks to Tilman Koschnick
+ (closes: #483214)
-- martin f. krafft <madduck at debian.org> Tue, 24 Jun 2008 18:56:26 +0100
diff --git a/rulefiles/linux/ignore.d.server/ssh b/rulefiles/linux/ignore.d.server/ssh
index 30c0474..2123d6e 100644
--- a/rulefiles/linux/ignore.d.server/ssh
+++ b/rulefiles/linux/ignore.d.server/ssh
@@ -1,4 +1,4 @@
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Accepted (gssapi(-with-mic|-keyex)?|rsa|dsa|password|publickey|keyboard-interactive/pam) for [^[:space:]]+ from [^[:space:]]+ port [0-9]+( (ssh|ssh2))?$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Accepted (gssapi(-with-mic|-keyex)?|rsa|dsa|password|publickey|keyboard-interactive/pam|hostbased) for [^[:space:]]+ from [^[:space:]]+ port [0-9]+( (ssh|ssh2))?$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Postponed keyboard-interactive(/pam)? for [^[:space:]]+ from [^[:space:]]+ port [0-9]+( (ssh|ssh2))?$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: PAM pam_putenv: delete non-existent entry; [[:alnum:]]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Server listening on [:[:xdigit:].]+ port [[:digit:]]+\.$
More information about the Logcheck-commits
mailing list