Wiki‎ > ‎

Denyhosts installation

posted Jul 15, 2015, 4:18 PM by Dong Xu   [ updated Jul 16, 2015, 7:24 AM ]
Other methods against brute force ssh
https://forum.openwrt.org/viewtopic.php?id=10417

Not in apt-get for ubuntu anymore!

wget http://downloads.sourceforge.net/project/denyhost/denyhost-2.8/denyhosts-2.8.tar.gz

tar xzf denyhosts*.tar.gz

cd DenyHosts*

sudo python setup.py install

sudo cp /usr/local/bin/daemon-control-dist /etc/init.d/denyhosts

sudo vi /etc/init.d/denyhosts

###############################################
#### Edit these to suit your configuration ####
###############################################

DENYHOSTS_BIN = “/usr/local/bin/denyhosts.py”
DENYHOSTS_LOCK = “/run/denyhosts.pid”
DENYHOSTS_CFG = “/etc/denyhosts.conf”

PYTHON_BIN = “/usr/bin/env python”

To white-list your own IP address

sudo vi /etc/hosts.allow  add your IPs


vi /etc/denyhosts.conf

BLOCK_SERVICE = ALL
DENY_THRESHOLD_INVALID = 1
DENY_THRESHOLD_VALID = 3
DENY_THRESHOLD_ROOT = 1
DENY_THRESHOLD_RESTRICTED = 1

DAEMON_LOG = /var/log/denyhosts.log


sudo /etc/init.d/denyhosts start  (ctrl-Z will make it run)

/etc/init.d/denyhosts status

To make autorun after reboot, 

sudo update-rc.d denyhosts defaults

sudo update-rc.d -f denyhosts remove to remove the existing links

Comments