1/29 08:15:18a 1496 SSH connection accepted from: <edited ip> port51420
1/29 08:15:20a 1496 SSH active channel 'direct-tcpip' is not 'session', disconnecting.
1/29 08:15:20a 1496 SSH session establishment failed
is that a client issue, or perhaps a mis-configuration issue?
On 2019 Jan 29 08:19:46, you wrote to All:testing?
1/29 08:15:18a 1496 SSH connection accepted from: <edited ip> port 51420 1/29 08:15:20a 1496 SSH active channel 'direct-tcpip' is not 'session', disconnecting.
1/29 08:15:20a 1496 SSH session establishment failed
is that a client issue, or perhaps a mis-configuration issue?
is this a legit random connection or something you are specifically
i see similar ones here and they've all been skiddies trying to get in...
is this a legit random connection or something you are specifically testing? i see similar ones here and they've all been skiddies trying to get in...
'SSH-2.0-Go'' (-32) setting session active from bbs_thread
is that a client issue, or perhaps a mis-configuration issue?
Re: SSH
By: Mortifis to All on Tue Jan 29 2019 08:19:47
'SSH-2.0-Go'' (-32) setting session active from bbs_thread
That comes from an SSH library for Go. Could be someone trying their SSH client, more likely they're trying to automate some hack.
is that a client issue, or perhaps a mis-configuration issue?
Very likely a client issue, especially if your server is working with other known-good SSH clients.
I recently configured for SSH and have been seeing a lot of Terminal Log entries similar to this:
1/29 08:14:23a 1372 SSH connection accepted from: <edited ip> port 41408 1/29 08:14:25a 1372 SSH WARNING 'Client sent malformed identifier string 'SSH-2.0-Go'' (-32) setting session active from bbs_thread
1/29 08:14:25a 1372 SSH session establishment failed
1/29 08:15:18a 1496 SSH connection accepted from: <edited ip> port 51420 1/29 08:15:20a 1496 SSH active channel 'direct-tcpip' is not 'session', disconnecting.
1/29 08:15:20a 1496 SSH session establishment failed
is that a client issue, or perhaps a mis-configuration issue?
Re: SSHidentifier
By: Mortifis to All on Tue Jan 29 2019 08:19 am
I recently configured for SSH and have been seeing a lot of Terminal Log entries similar to this:
1/29 08:14:23a 1372 SSH connection accepted from: <edited ip> port 41408 1/29 08:14:25a 1372 SSH WARNING 'Client sent malformed
string 'SSH-2.0-Go'' (-32) setting session active from bbs_thread
1/29 08:14:25a 1372 SSH session establishment failed
1/29 08:15:18a 1496 SSH connection accepted from: <edited ip> port 51420 1/29 08:15:20a 1496 SSH active channel 'direct-tcpip' is not 'session', disconnecting.
1/29 08:15:20a 1496 SSH session establishment failed
is that a client issue, or perhaps a mis-configuration issue?
This just looks like connections trying your ssh port looking for holes (portscan of sorts). They're being disconnected so it looks like everything is working properly. I'd expect to see connection attempts at most every common port all day long that go nowhere.
I'm assuming you are able to SSH in.
I recently configured for SSH and have been seeing a lot of Terminal Log entries similar to this:
1/29 08:14:23a 1372 SSH connection accepted from: <edited ip> port 41408 1/29 08:14:25a 1372 SSH WARNING 'Client sent malformed identifier string 'SSH-2.0-Go'' (-32) setting session active from bbs_thread
1/29 08:14:25a 1372 SSH session establishment failed
1/29 08:15:18a 1496 SSH connection accepted from: <edited ip> port 51420 1/29 08:15:20a 1496 SSH active channel 'direct-tcpip' is not 'session', disconnecting.
1/29 08:15:20a 1496 SSH session establishment failed
is that a client issue, or perhaps a mis-configuration issue?
On 2019 Jan 29 08:19:46, you wrote to All:
1/29 08:15:18a 1496 SSH connection accepted from: <edited
port 51420 1/29 08:15:20a 1496 SSH active channel 'direct-tcpip' is not'session', disconnecting.
1/29 08:15:20a 1496 SSH session establishment failed
is that a client issue, or perhaps a mis-configuration issue?
is this a legit random connection or something you are
specifically testing? i see similar ones here and they've all
been skiddies trying to get in...
Not sure if they are legit or bots, I'll assume they are bots, but if
someone could try to SSH alleycat.synchro.net and let me know if the connection is successful or not, I'd appreciate it.
On Tue, 29 Jan 2019 10:05:51 -0400
"Mortifis" <mortifis@VERT/ALLEYCAT> wrote:
On 2019 Jan 29 08:19:46, you wrote to All:
Not sure if they are legit or bots, I'll assume they are bots, but if someone could try to SSH alleycat.synchro.net and let me know if the connection is successful or not, I'd appreciate it.
It just worked fine for me. Made it to your synchronet login.
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 296 |
Nodes: | 16 (2 / 14) |
Uptime: | 40:11:51 |
Calls: | 6,648 |
Files: | 12,193 |
Messages: | 5,329,412 |