The brute force monitor is showing the following:
As you can see it incorrectly parses the username as "invalid" instead of "test".
1631... | 116.110... | invalid | 1 | sshd3 | Sep 14 03:17:08 srv2 sshd[89172]: Failed keyboard-interactive/pam for invalid user test from 116.110... port 44658 ssh2 |
As you can see it incorrectly parses the username as "invalid" instead of "test".