Oct 25 03:40:12 localhost sshd[26957]: Failed password for root from 207.42.177.19 port 51294 ssh2
Oct 25 03:40:12 localhost sshd[26958]: Received disconnect from 207.42.177.19: 11: Bye Bye
Oct 25 03:40:13 localhost sshd[26959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.42.177.19 user=root
Oct 25 03:40:16 localhost sshd[26959]: Failed password for root from 207.42.177.19 port 51505 ssh2
Oct 25 03:40:16 localhost sshd[26960]: Received disconnect from 207.42.177.19: 11: Bye Bye



rsyslogd: [origin software="rsyslogd" swVersion="3.21.9" x-pid="1835" x-info="http://www.rsyslog.com"] restart
Oct 25 14:30:43 localhost sshd[10208]: Connection closed by 61.168.227.12
Oct 25 18:40:21 localhost sshd[10329]: reverse mapping checking getaddrinfo for abs-static-175.32.68.58.aircel.co.in [58.68.32.175] failed - POSSIBLE BR
EAK-IN ATTEMPT!
Oct 25 18:40:21 localhost sshd[10329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.68.32.175 user=root
Oct 25 18:40:23 localhost sshd[10329]: Failed password for root from 58.68.32.175 port 13352 ssh2
Oct 25 18:40:23 localhost sshd[10330]: Received disconnect from 58.68.32.175: 11: Bye Bye
Oct 25 18:40:25 localhost sshd[10332]: reverse mapping checking getaddrinfo for abs-static-175.32.68.58.aircel.co.in [58.68.32.175] failed - POSSIBLE BR
EAK-IN ATTEMPT!


как понять данную строчку. Было подключение? Либо оно было сброшенно
Oct 25 14:30:43 localhost sshd[10208]: Connection closed by 61.168.227.12

Oct 27 12:17:49 localhost sshd[31889]: Received disconnect from " my ip adress": 13: Unable to authenticate

вот как пишет, если обрываю соединение.

В том-то и дело, что нет в журналах событий между этим временем...

смотрю журналы /var/log/secure

Fedora 10

PermitRootLogin no
AllowUsers "user1" "user2"

но журнал хорошо пачкают