这今天看 systemd-journal 日志,看到 sshd 在不断重启?是被攻击了吧?
Apr 05 22:05:04 xxxxxxxxx sshd[27233]: Received disconnect from 68.183.10.8 port 50736:11: Normal Shutdown, Thank you for playing [preauth]
Apr 05 22:05:04 xxxxxxxxx sshd[27233]: Disconnected from authenticating user postgres 68.183.10.8 port 50736 [preauth]
Apr 05 22:05:07 xxxxxxxxx CRON[27238]: (CRON) info (No MTA installed, discarding output)
Apr 05 22:05:07 xxxxxxxxx CRON[27238]: pam_unix(cron:session): session closed for user root
Apr 05 22:06:31 xxxxxxxxx sshd[27490]: Received disconnect from 68.183.10.8 port 51926:11: Normal Shutdown, Thank you for playing [preauth]
Apr 05 22:06:31 xxxxxxxxx sshd[27490]: Disconnected from authenticating user postgres 68.183.10.8 port 51926 [preauth]
Apr 05 22:07:11 xxxxxxxxx systemd[1]: Stopping OpenBSD Secure Shell server...
Apr 05 22:07:11 xxxxxxxxx sshd[26242]: Received signal 15; terminating.
Apr 05 22:07:11 xxxxxxxxx systemd[1]: Stopped OpenBSD Secure Shell server.
Apr 05 22:07:11 xxxxxxxxx systemd[1]: Starting OpenBSD Secure Shell server...
Apr 05 22:07:11 xxxxxxxxx sshd[27643]: Server listening on 0.0.0.0 port 22.
Apr 05 22:07:11 xxxxxxxxx sshd[27643]: Server listening on :: port 22.
Apr 05 22:07:11 xxxxxxxxx systemd[1]: Started OpenBSD Secure Shell server.
Apr 05 22:07:11 xxxxxxxxx systemd[1]: Stopping OpenBSD Secure Shell server...
Apr 05 22:07:11 xxxxxxxxx sshd[27643]: Received signal 15; terminating.
Apr 05 22:07:11 xxxxxxxxx systemd[1]: Stopped OpenBSD Secure Shell server.
Apr 05 22:07:11 xxxxxxxxx systemd[1]: Starting OpenBSD Secure Shell server...
Apr 05 22:07:11 xxxxxxxxx sshd[27662]: Server listening on 0.0.0.0 port 22.
Apr 05 22:07:11 xxxxxxxxx sshd[27662]: Server listening on :: port 22.
Apr 05 22:07:11 xxxxxxxxx systemd[1]: Started OpenBSD Secure Shell server.
--
FROM 112.47.122.*