FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 10-04-2008, 09:36 AM
"Michael A. Peters"
 
Default ssh error in /var/log/secure

Hi -

I just bought a xen VPS and am running CentOS 5 on it (updated to 5.2).
With all my personal machines sitting at home behind a router with all
ports (except for BitTorrent) closed - I had forgotten how frequent
brute force ssh attacks are, but within a day, the log was loaded with them.


So I did two things - I installed and configured pam_abl and I moved the
ssh port to 1294 ( a > 1024 number that means something to me so easy to
remember) and then blocked port 22 in iptables.


Interestingly - after installing pam_able before I configured and
restarted sshd, pam_able was already building a database of hosts - the
attacks were that frequent. Nothing after restarting sshd on the new
port though, at least so far.


Anyway - while the server is working on the new port and I can connect,
I noticed this error:


Oct 4 09:01:25 li34-4 sshd[2305]: Server listening on :: port 1294.
Oct 4 09:01:25 li34-4 sshd[2305]: error: Bind to port 1294 on 0.0.0.0
failed:

Address already in use.

Is that caused by a mis-configuration on my part?
The only change I made to sshd was the Port directive (root login was
already disabled in the xen image I started from)


It looks like it is listening on the port and then trying to bind to the
port a second time.


Is that from having two IPs on the same nic (eth0 and eth0:1) ?
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 10-04-2008, 10:20 AM
"Akemi Yagi"
 
Default ssh error in /var/log/secure

On Sat, Oct 4, 2008 at 2:36 AM, Michael A. Peters <mpeters@mac.com> wrote:

> Anyway - while the server is working on the new port and I can connect, I
> noticed this error:
>
> Oct 4 09:01:25 li34-4 sshd[2305]: Server listening on :: port 1294.
> Oct 4 09:01:25 li34-4 sshd[2305]: error: Bind to port 1294 on 0.0.0.0
> failed:
> Address already in use.
>
> Is that caused by a mis-configuration on my part?
> The only change I made to sshd was the Port directive (root login was
> already disabled in the xen image I started from)
>
> It looks like it is listening on the port and then trying to bind to the
> port a second time.

This has to do with ipv6. google shoud give you more details. :-)

Akemi
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 10-04-2008, 11:26 AM
"Michael A. Peters"
 
Default ssh error in /var/log/secure

Akemi Yagi wrote:



This has to do with ipv6.


Thanks!
Got it fixed.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 10-08-2008, 08:32 AM
Kai Schaetzl
 
Default ssh error in /var/log/secure

Scott Silva wrote on Tue, 07 Oct 2008 15:40:11 -0700:

> (or bind the ListenAddress to a specific IP)

That's the only way it works. Default is:

#ListenAddress 0.0.0.0
#ListenAddress ::

(e.g. both options are set by default)
so decommenting ListenAddress 0.0.0.0 won't make a difference.

Kai

--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 01:27 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org