Record all details of failed login attempts?

I’ve been seeing some failed login attempts on my Flint 3 and would like to know if they’re malicious or just someone local being a bit dumb.

I see the device names but it possible to grab the MAC address, the password(s) they’re trying or any other details? That’d probably go some way to telling me if it’s anything to worry about and if they’re anywhere near the correct pw (doubt it…). A bit of Googling let me to Fail2Ban, would that do the job?

Thanks!!

Hello,

In fact, it is not recommended to enable SSH permissions for the public network.

There seems to be no way to achieve these requirements.

The plugin Fail2Ban can only be said to be able to "jail" malicious SSH clients for trying passwords for a specified times, or completely.
Instead of simply allowing SSH access to only IPs you trust.

Bruce_2025-10-09_18-02-56965×462 13.4 KB