21 Feb
2019
21 Feb
'19
2:55 p.m.
Hi,
Fail2ban is logging false positive with authentication using pam ldap.
What happen is a user login using his ldap password cause pam_unix to fail then pam_ldap log the user in.
sshd filter for fail2ban read /var/log/secure see the pam_unix error, flag it even if the next line in the log says the login is successful.
CentOS 7 with fail2ban 0.9.7 from EPEL.
Any idea how to fix this?
Thanks.
Jimmy