A bored look at my sshd authlog
Not even one day since setting up OpenBSD on my VPS and /var/log/authlog is
already 400 KB big. Just for fun, let's see the usernames used to try and get in:
    $ sed -En 's/.*sshd-session.*Invalid user ([^ ]+) .*/\1/p' /var/log/authlog | sort | uniq -c | sort -r | awk '$1 > 5'
     243 solana
     214 sol
     154 ubuntu
     111 solv
      43 admin
      23 user
      22 validator
      21 test
      13 deploy
      12 firedancer
      11 node
      10 raydium
       9 oracle
       8 solnode
       8 slv
       8 postgres
       8 lighthouse
       8 ethereum
       6 minima
       6 mapr
       6 latitude
       6 jibs
       6 devops
       6 3d
Hmmm… most of these won't raise eyebrows, but what the fuck is solana? Apparently
some kind of cryptocurrency thing which needs some very beefy "validator" nodes (hence solv, validator and slv, I guess). A Google search for
the two other weird ones - firedancer and raydium - also returned crypto
results.
On a positive and related note, it's good to know that OpenSSH features something like fail2ban built in these days: PerSourcePenalties.
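
Since PerSourcePenalties acts per source address, the same log can also be grouped by source instead of by username. The following is an added example, not part of the original post: the function names and the sample log lines are constructed for illustration, and it assumes the "Invalid user NAME from ADDR port N" message format that the sed command above matches.

```shell
# Constructed sample in OpenBSD authlog format (documentation addresses only).
sample_log() {
cat <<'EOF'
Jan 10 03:14:01 vps sshd-session[4101]: Invalid user solana from 192.0.2.10 port 40122
Jan 10 03:14:03 vps sshd-session[4102]: Invalid user sol from 192.0.2.10 port 40130
Jan 10 03:14:05 vps sshd-session[4103]: Invalid user solana from 192.0.2.10 port 40144
Jan 10 03:15:11 vps sshd-session[4110]: Invalid user ubuntu from 198.51.100.7 port 51500
Jan 10 03:15:12 vps sshd-session[4110]: Connection closed by invalid user ubuntu 198.51.100.7 port 51500 [preauth]
Jan 10 03:16:40 vps sshd-session[4120]: Invalid user a from 203.0.113.9 port 1 from 2001:db8::5 port 60000
EOF
}

# Per source address: number of "Invalid user" lines and distinct usernames.
# The username is attacker-controlled and may contain spaces, so the source
# is read from the fixed tail "from ADDR port N", not from the first "from".
# Output columns: source attempts distinct_usernames, busiest source first.
summarise_sources() {
    awk '
    /sshd-session\[/ && (p = index($0, "]: Invalid user ")) &&
    $(NF-1) == "port" && $(NF-3) == "from" {
        src = $(NF-2)
        user = substr($0, p + 16)                  # text after "]: Invalid user "
        sub(/ from [^ ]+ port [0-9]+$/, "", user)  # drop the tail sshd appended
        attempts[src]++
        if (!((src, user) in seen)) { seen[src, user] = 1; distinct[src]++ }
    }
    END {
        for (s in attempts) printf "%s %d %d\n", s, attempts[s], distinct[s]
    }' | LC_ALL=C sort -t ' ' -k2,2nr -k1,1
}

# Usage on a real log: summarise_sources < /var/log/authlog
sample_log | summarise_sources
```

The last sample line carries a username that itself contains "from 203.0.113.9 port 1"; the summary attributes it to 2001:db8::5, the address sshd appended at the end of the line.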