how do find all failed login attempts via ssh?
Answer Posted / vimal kumar k, technomenace.co
Failed ssh logs are either written in /var/log/messages, or
/var/log/secure (configurable in /etc/syslog.conf). I am
assuming that the failed login attempts are recorded in
/var/log/secure:
grep ' authentication failure' /var/log/secure | sed -e
's/^\(.*\)\(rhost.*\)$/\2/p' | tr -s " " | cut -f2 -d"=" |
cut -f1 -d" " | sort -n | uniq -c
Will show you the count, and the IP/hostname of machines
that tried to access the system via ssh
Is This Answer Correct ? | 20 Yes | 3 No |
Post New Answer View All Answers
Explain about sh?
What is the ipconfig command for linux?
Why is it called bash?
What does make clean command do?
Which command will show you free/used memory?
What is p command?
How use more command in linux?
What is the difference between command ‘ping’ and ‘ping6’?
The command ‘umask -S’
How to activate / deploy licence in RHEL 6 and what will happen if you don't activate / deploy licence in RHEL 6 ?
How do I get to root directory in linux?
How do I start ms dos?
What are the command prompt commands?
Explain about lprm job number?
What command used for showing user info like Login Name, Canonical Name, Home Directory,Shell etc..?