Should I be concerned with this many login attempts?
For example, this guy tried at least 30 times, all with a different port number.
Feb 20 05:41:44 traviselijah sshd[8802]: reverse mapping checking getaddrinfo for 31-xdsl.anitex.by [213.184.241.31] failed - POSSIBLE BREAK-IN ATTEMPT!
Feb 20 05:41:44 traviselijah sshd[8802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.184.241.31 user=root
Feb 20 05:41:46 traviselijah sshd[8802]: Failed password for root from 213.184.241.31 port 57022 ssh2
7 Replies
I once hacked sshd to log the passwords these scripts use. It's all dictionary words, names, and strings like 'letmein' and 'passw0rd'.
And
unless I am completely dense and do not understand the other terms used…
puttygen
Also, if you use both Windows and Mac, keep in mind that Putty uses a nonstandard format for the its SSH private keys, and it won't work in Terminal on Mac. To get it to work, you'd need to load the key in puttygen (on Windows), convert it to OpenSSH's format (via Conversions->Export OpenSSH key).