saslauthd: do_request : NULL password received
LogLevel=FATAL, and still getting tons of this shit. Again, this is just some jerkface out there trying to break into my system, there's nothing I can do about it, there's no use in telling me about it. Guess that's what we're stuck with.
I do not remember if I had to install
sshd manually or if
it was automatically installed when I installed the OS, sorry. If I
did have to install it, it must have been painless as I didn't
document any special fight in my HowTo's. It does appear in
Now that the system is running, I'm getting boatloads of logspam like the following:
Plenty of web searching yields that although this could be a real breakin attempt, two things:
Oct 10 00:49:49 rachis sshd: reverse mapping checking getaddrinfo for [...] failed - POSSIBLE BREAK-IN ATTEMPT!
/etc/ssh/sshd_configfile. There was already one there on my system. If not present on yours, you should be able to find a default version at
service sshd restart
I am also now getting completely swamped with logspam like the
What this message really means, is simply that the caller is using an old version of SSH that doesn't know SHA2. Please note that this is a change as of FreeBSD 11, or maybe version 10. [Actually it's determined by which version of SSHD you're running, but they changed the default in the OS installation about here.]
Nov 19 11:10:03 [...] sshd: fatal: Unable to negotiate with xx.xx.xx.xx port 58399: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth]
Same discussion as above, I know these are breakin attempts. I just can't care about them. They're usually dictionary attacks trying a whole list of users that are not present on my system.
Dec 6 14:02:09 rachis sshd: error: PAM: authentication error for illegal user pi from zzz.zzz.zzz.zzz
Dec 6 14:02:09 rachis sshd: error: Received disconnect from zzz.zzz.zzz.zzz port 59750:14: No more user authentication methods available. [preauth]