Suspicious frequent logs

alphaavionics

Apr 1, 2022
Apr 03 10:19:59 pve sshd[12301]: Unable to negotiate with 61.**.1*2.174 port 60790: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth]
Apr 03 09:56:19 pve sshd[9035]: Unable to negotiate with 194.165.16.5 port 57560: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Apr 03 09:56:29 pve sshd[9058]: Unable to negotiate with 194.165.1**.5 port 57376: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Apr 03 09:56:40 pve sshd[9081]: Unable to negotiate with 194.***.1**.5 port 57240: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Apr 03 09:56:51 pve sshd[9104]: Unable to negotiate with 194.***.1**.5 port 57102: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Apr 03 09:57:02 pve sshd[9134]: Unable to negotiate with 194.***.1*9.5 port 56958: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Apr 03 09:57:13 pve sshd[9181]: Unable to negotiate with 194.***.1**.5 port 56818: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Apr 03 09:57:24 pve sshd[9207]: Unable to negotiate with 194.***.1*.5 port 56678: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Apr 03 10:03:50 pve sshd[10083]: Unable to negotiate with 61.1***.***.41 port 33392: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth]
Apr 03 10:03:58 pve pvedaemon[1207]: <root@pam> successful auth for user 'root@pam'


What is this? How can I stop it? Did someone/are people getting into my server? Should I reinstall?

Even more suspicious logs!
Apr 03 09:09:04 pve login[983]: FAILED LOGIN (2) on '/dev/tty1' FOR 'root', Authentication failure
Apr 03 09:09:40 pve systemd[1]: getty@tty1.service: Succeeded.
Apr 03 09:09:40 pve systemd[1]: getty@tty1.service: Scheduled restart job, restart counter is at 1.
Apr 03 09:09:40 pve systemd[1]: Stopped Getty on tty1.
Apr 03 09:09:40 pve systemd[1]: Started Getty on tty1.
Apr 03 09:09:56 pve login[1884]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0
 
Those are not local IP addresses, so I assume that you knowingly connected your Proxmox to the internet. Maybe you should use a firewall and block port 22 for outside connections, if you don't want to see that people are trying to connect from the outside.
 
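To read from the log itself how far each outside connection got, the following added example (not code from the thread or from Proxmox) groups sshd events by source address and ranks each source by the furthest handshake stage it reached. The sample lines are constructed and use documentation addresses; the `Failed password` and `Accepted publickey` lines are standard OpenSSH messages that do not appear in the post above.

```python
import re
from collections import defaultdict

# Constructed sample lines in the format shown in the thread. Addresses are
# RFC 5737 documentation ranges, not the hosts from the original post.
SAMPLE_LOG = """\
Apr 03 09:56:19 pve sshd[9035]: Unable to negotiate with 203.0.113.5 port 57560: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Apr 03 09:56:29 pve sshd[9058]: Unable to negotiate with 203.0.113.5 port 57376: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Apr 03 10:01:07 pve sshd[9990]: Failed password for root from 198.51.100.23 port 40112 ssh2
Apr 03 10:01:11 pve sshd[9990]: Failed password for invalid user admin from 198.51.100.23 port 40112 ssh2
Apr 03 10:05:42 pve sshd[10411]: Accepted publickey for root from 192.0.2.10 port 51514 ssh2
Apr 03 10:03:58 pve pvedaemon[1207]: <root@pam> successful auth for user 'root@pam'
"""

# Only sshd lines are matched; the pvedaemon line carries no source address.
PATTERNS = {
    "kex_rejected": re.compile(r"sshd\[\d+\]: Unable to negotiate with (\S+) port \d+: no matching .+? found\. .*\[preauth\]"),
    "auth_failed": re.compile(r"sshd\[\d+\]: Failed \S+ for (?:invalid user )?\S+ from (\S+) port \d+"),
    "accepted": re.compile(r"sshd\[\d+\]: Accepted \S+ for \S+ from (\S+) port \d+"),
}

def summarize(log_text):
    """Count sshd events per source address, by event kind."""
    counts = defaultdict(lambda: dict.fromkeys(PATTERNS, 0))
    for line in log_text.splitlines():
        for kind, pattern in PATTERNS.items():
            match = pattern.search(line)
            if match:
                counts[match.group(1)][kind] += 1
                break
    return dict(counts)

def classify(events):
    """Rank a source by the furthest stage it reached in the SSH handshake."""
    if events["accepted"]:
        return "logged in: verify this source is expected"
    if events["auth_failed"]:
        return "credential guessing: reached authentication, was refused"
    return "rejected before authentication: no credentials were tried"

def report(log_text):
    return {ip: classify(ev) for ip, ev in summarize(log_text).items()}

if __name__ == "__main__":
    for ip, verdict in sorted(report(SAMPLE_LOG).items()):
        print(f"{ip:15} {verdict}")
```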
