When when I ssh into my server from windows using putty without using public key authentication I get no indication of a "BREAK IN ATTEMPT" in /var/log/auth.log
However when I use DSA keys and set the appropriate path for the private key in putty:
Connection->SSH->Auth
Private key file for authenticationBrowse...
I am able to ssh into my server with public key authentication, however the /var/log/auth.log adds the following line to the log file
Address 192.168.1.1 maps to dd-wrt, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Should this message be expected when I use public key authentication and my private key is on my windows comp/I use putty to ssh?
NOTE: My server and windows computer are both on the same LAN
Best Answer
This is not an error or a hack. The message you are seeing is because of the reverse lookup performed which will return a host name. It works like this, assuming that you are ssh'ing to host1 with ip 123.123.123.123 from host2:
lookup(host1) returns 123.123.123.123
but rev_lookup(123.123.123.123) might not return host1 but dd-wrt which is/was another host on the network. Check your DHCP server, it might help