HI

Does any one can tell What exactly does it means i have searched many but not found a correct answer

Does is hacking ?

Can any one help me ?

I have the some logs using the command

grep -i ssh /var/log/messages

Do you shell into the system? If so, then it coudl be reporting you as the shell login.

From the looks of your first quoted area, you have JailShell enabled on your server. If that's the case, then a user can be shelling into their account.

24548 root 19 0.0 0.0 jailshell (username) [24557] ell -c /usr/libexec/openssh/sftp-server

This relates to sFTP - a process where a user uses FTP over SSH to upload files to the server.

You really need to contact the hosting company regarding this for final decisions - they will be able to assist you - if not, you need to find a new host.

Yes we have the shell we have disabled the login of the user for shell

Even though i have disabled the access the shell access i am geting the message

Is the username one of your accounts?

Have you disabled sFTP on your server? The other error definitely had jailshell listed, and that's shell access for users. If you believe you've disabled shell and you're still getting that notice, then it's not disabled.

Yes one of the acccount holder and sFTP is not disabled

The first I imagine is your process table you are showing us. It just looks like you have a user or two running stuff over ssh.

This looks like it's just users securely transferring over files, not a bad thing.

This looks like it's just your dns syncing. Named is your dns server.

You look fine at first glance.

That fine Thank for clarification

don`t worry , it is not hacking attempt, it`s from your dns server.