I am seeing almost the same thing. Every 30 secs I get a failed connection attempt... but for me it comes from ::1 (the IPv6 localhost address). I upgrades my sshd logging level to "DEBUG" and this is what I get:
Code:
Jan 8 21:13:24 pbx2 sshd[24826]: Did not receive identification string from ::1
Jan 8 21:13:55 pbx2 sshd[24776]: debug1: Forked child 24864.
Jan 8 21:13:55 pbx2 sshd[24864]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Jan 8 21:13:55 pbx2 sshd[24864]: debug1: inetd sockets after dupping: 3, 3
Jan 8 21:13:55 pbx2 sshd[24864]: Connection from ::1 port 46125
Jan 8 21:13:55 pbx2 sshd[24864]: Did not receive identification string from ::1
Jan 8 21:14:25 pbx2 sshd[24776]: debug1: Forked child 24902.
Jan 8 21:14:25 pbx2 sshd[24902]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Jan 8 21:14:25 pbx2 sshd[24902]: debug1: inetd sockets after dupping: 3, 3
Jan 8 21:14:25 pbx2 sshd[24902]: Connection from ::1 port 46143
Jan 8 21:14:25 pbx2 sshd[24902]: Did not receive identification string from ::1
Jan 8 21:14:55 pbx2 sshd[24776]: debug1: Forked child 24940.
Jan 8 21:14:55 pbx2 sshd[24940]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Jan 8 21:14:55 pbx2 sshd[24940]: debug1: inetd sockets after dupping: 3, 3
Jan 8 21:14:55 pbx2 sshd[24940]: Connection from ::1 port 46161
Jan 8 21:14:55 pbx2 sshd[24940]: Did not receive identification string from ::1
Jan 8 21:15:26 pbx2 sshd[24776]: debug1: Forked child 24979.
Jan 8 21:15:26 pbx2 sshd[24979]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Jan 8 21:15:26 pbx2 sshd[24979]: debug1: inetd sockets after dupping: 3, 3
Jan 8 21:15:26 pbx2 sshd[24979]: Connection from ::1 port 46179
Jan 8 21:15:26 pbx2 sshd[24979]: Did not receive identification string from ::1
I haven't seen this before. I do have OpenVPN running... but I don't think that matters. (And OpenVPN has nothing to do with sshd, so I'm stumped.)
I have bridged config set up with a br0 also... and I'm running Asterisk and FreePBX. (Just tossing out possible troublemakers here...)
It can't be cron because cron only runs every minute (at the soonest). Hmm... maybe a looping gdm that won't boot? Dunno...
This is on a 10.4 Virtual Machine running under KVM.
[EDIT]
Found it. This is a known issue with FreePBX. It polls port 22 for listening (as part of the FreePBX monitoring), resulting in the errors.
http://www.freepbx.org/v2/ticket/3461
The FreePBX bug is not fixed and has been given low priority... *sigh*
Bookmarks