From 45f7e3ade08b23daad9d4c99b5092bda6fe8c886 Mon Sep 17 00:00:00 2001 From: Oleg Broytman Date: Thu, 11 Jan 2024 15:29:43 +0300 Subject: [PATCH] Feat(logcheck): Update `local-ssh` --- playbooks/roles/logcheck/files/ignore.d/local-ssh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/playbooks/roles/logcheck/files/ignore.d/local-ssh b/playbooks/roles/logcheck/files/ignore.d/local-ssh index 0d74406..cdf515f 100644 --- a/playbooks/roles/logcheck/files/ignore.d/local-ssh +++ b/playbooks/roles/logcheck/files/ignore.d/local-ssh @@ -33,6 +33,7 @@ ^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd\[[0-9]+\]: error: kex_exchange_identification: read: Connection reset by peer ^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd\[[0-9]+\]: error: maximum authentication attempts exceeded for .+ from ([0-9]{1,3}\.){3}[0-9]{1,3} port [0-9]+ ssh2 \[preauth\] ^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd\[[0-9]+\]: error: send_error: write: Connection reset by peer$ +^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd\[[0-9]+\]: error: userauth_pubkey: parse key: invalid format \[preauth\] ^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd\[[0-9]+\]: exited MaxStartups throttling ^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd\[[0-9]+\]: fatal: (Read from socket|Write) failed: Connection reset by peer ^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd\[[0-9]+\]: fatal: Timeout before authentication @@ -41,5 +42,5 @@ ^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd\[[0-9]+\]: fatal: userauth_pubkey: parse (publickey packet|request failed): incomplete message \[preauth\] ^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd\[[0-9]+\]: input_userauth_request: invalid user .+\[preauth\]$ ^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd\[[0-9]+\]: pam_unix\(sshd:auth\): bad username -^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd\[[0-9]+\]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes \[preauth\] +^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd\[[0-9]+\]: userauth_pubkey: (key type|signature algorithm) ssh-(dss|rsa) not in PubkeyAccepted(Algorithm|KeyType)s \[preauth\] ^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd\[[0-9]+\]: warning: can't get client address: Connection reset by peer$ -- 2.39.5