Changes between Initial Version and Version 1 of Ticket #35477, comment 7


Ignore:
Timestamp:
Oct 3, 2012, 6:13:14 PM (12 years ago)
Author:
ktekinay (Kem Tekinay)
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #35477, comment 7

    initial v1  
    11I found the problem. DenyHosts previously worked by scanning the /var/log/secure.log, but, in Mountain Lion, ''there is no more secure.log''. It's been rolled into the general logging utility asl so entries will only appear in system.log. To fix it, I had to add/modify these entries in the config:
    22
     3
     4{{{
    35SECURE_LOG=/private/var/log/system.log
    46USERDEF_FAILED_ENTRY_REGEX=.*?sshd\[\d+\]: error: PAM: authentication error for (?P<user>[^ ]+) from (?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}.\d{1,3})
    57USERDEF_FAILED_ENTRY_REGEX=.*?sshd\[\d+\]: error: PAM: unknown user for illegal user (?P<user>[^ ]+) from (?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}.\d{1,3})
     8}}}
    69
    710I have not tested these yet to make sure it works as expected, but at least it doesn't exit on startup anymore.