This log is part of /var/log/secure
:
-
Please clarify your specific problem or provide additional details to highlight exactly what you need. As it's currently written, it's hard to tell exactly what you're asking.– Community BotCommented Apr 14, 2023 at 12:19
-
1Your server is publicly accessible, has an ssh server on it and someone on the Internet is rubbing common usernames and passwords against it. This is basically how the internet works now.– Mokubai ♦Commented Apr 14, 2023 at 12:24
-
Please do not upload images of code/data/errors. Copy&paste the log file snippet as text. Do you need the server to be reachable from the internet? I suggest to disable password based authentication and allow public keys only.– BodoCommented Apr 14, 2023 at 12:26
2 Answers
You're being attacked by hackers or (more likely) bots.
Ensure that your password is long and complicated, so cannot be broken by brute force.
-
-
The most important suggestion: disable password authentication and only allow key authentication. Be sure to use a large enough key.– RamhoundCommented Apr 14, 2023 at 13:10
-
Everyone on the internet is being attacked by zombie computers. It's a fact of life today.– harrymcCommented Apr 14, 2023 at 15:06
Any server connected to the internet will suffer this. In addition to the long password mentioned elsewhere, consider using ssh keys and disabling password authentication, and root login with password or entirely. Just as with a normal password make sure the password/phrase on your ssh key is kept long and secure.