Hi all recently my master root password was hacked/cracked and spam was getting sent to my users through my email address. I belive this was done through SSH and i was woundering how/if i can access a log file that loggs all logons. Then i may be able to block the IP/host etc. Can i do this? I use OpenSSH btw. Thanks Tim.
What distro are you using ? if it is redhat based the log is /var/log/secure on debian i think you should check /var/log/auth.log or /var/log/syslog
