From 1e2ddec48592ff7ff7abe2ce4cef742deec2853c Mon Sep 17 00:00:00 2001
From: Cyril Jaquier <cyril.jaquier@fail2ban.org>
Date: Thu, 7 Jun 2007 21:29:18 +0000
Subject: [PATCH] - Fixed vulnerability in sshd.conf. Thanks to Daniel B. Cid

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@587 a942ae1a-1317-0410-a47c-b1dcaea8d605
---
 CHANGELOG                 | 6 +++++-
 config/filter.d/sshd.conf | 9 +++++----
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 94a7b411..67f301bc 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -4,9 +4,13 @@
              |_| \__,_|_|_/___|_.__/\__,_|_||_|
 
 =============================================================
-Fail2Ban (version 0.8.0)                           2007/05/03
+Fail2Ban (version 0.8.1)                           2007/??/??
 =============================================================
 
+ver. 0.8.1 (2007/??/??) - stable
+----------
+- Fixed vulnerability in sshd.conf. Thanks to Daniel B. Cid
+
 ver. 0.8.0 (2007/05/03) - stable
 ----------
 - Fixed RedHat init script. Thanks to Jonathan Underwood
diff --git a/config/filter.d/sshd.conf b/config/filter.d/sshd.conf
index fa1d88ad..39416f43 100644
--- a/config/filter.d/sshd.conf
+++ b/config/filter.d/sshd.conf
@@ -14,10 +14,11 @@
 #          (?:::f{4,6}:)?(?P<host>\S+)
 # Values:  TEXT
 #
-failregex = Authentication failure for .* from <HOST>
-            Failed [-/\w]+ for .* from <HOST>
-            ROOT LOGIN REFUSED .* FROM <HOST>
-            [iI](?:llegal|nvalid) user .* from <HOST>
+failregex = Authentication failure for .* from <HOST>$
+            Failed [-/\w]+ for .* from <HOST>$
+            ROOT LOGIN REFUSED .* FROM <HOST>$
+            [iI](?:llegal|nvalid) user .* from <HOST>$
+            User .* from <HOST> not allowed because not listed in AllowUsers$
 
 # Option:  ignoreregex
 # Notes.:  regex to ignore. If this regex matches, the line is ignored.