It does not block when entering an incorrect username/password.
The problem is that the sshd daemon has changed the format of the entry in the /var/log/secure log file.
In Almalinux 8/9, the daemon was called
Code: Select all
sshd[2084920]:pam_unix(sshd:auth): authentication failureIn the 10th version,
Code: Select all
sshd-session[10741]: pam_unix(sshd:auth): authentication failureHow can I force a parser with REGEX to process sshd-session instead of sshd?