why LogWatch send me a mail
Christopher K. Johnson
ckjohnson at gwi.net
Thu Sep 9 13:34:07 UTC 2004
James Kosin wrote:
> Roberto Felloni wrote:
>
> This one is for the SSHD (secure shell) like telnet. It is just saying
> that the deamon is already running. If this is a workstation or you
> don't need access just turn off this service. There have been several
> attacks lately on this port.
>
> | --------------------- SSHD Begin ------------------------
> | SSHD Started: 1 Time(s)
> | Failed to bind:
> | 0.0.0.0 port 22 (Address already in use) : 1 Time(s)
> | ---------------------- SSHD End -------------------------
Close, but not strictly correct. Only one sshd is started, but it is in
conflict with itself. This message occurs because ipv6 is enabled and
sshd opens a socket to listen on all addresses for connections to port
22 under both ipv6 and ipv4, which overlap.
Unless you need ipv6 networking the best thing to do is add the
following line to /etc/modprobe.conf:
alias net-pf-10 off
Then at the next boot ipv6 will be disabled, and the sshd log message
will no longer occur.
Chris
--
-----------------------------------------------------------
"Spend less! Do more! Go Open Source..." -- Dirigo.net
Chris Johnson, RHCE #807000448202021
More information about the users
mailing list