I've used it before on Gentoo Linux and liked it, so today I'll lay out the steps required to install and configure it on FreeBSD:
- % su
- # cd /usr/ports/security/denyhosts
- # make install clean
- # echo 'denyhosts_enable="YES"' >> /etc/rc.conf
- # echo 'syslogd_flags="-s -c"' >> /etc/rc.conf
- # echo "sshd : /etc/hosts.deniedssh : deny" >> /etc/hosts.allow
- # echo "sshd : ALL : allow" >> /etc/hosts.allow
- # touch /etc/hosts.deniedssh
- Edit /usr/local/etc/denyhosts.conf and uncoment the BLOCK_SERVICE = sshd entry.
- # /usr/local/etc/rc.d/denyhosts onestart
From step 4 to 9, rc.conf is updated so that DenyHosts is started at boot time and can act as a daemon monitoring SSH unauthorized login attempts registering them in hosts.deniedssh.
Finally, step 10 starts DenyHosts imediattely.
If you wish to learn more about DenyHosts have a look at the project's homepage at http://denyhosts.sourceforge.net.
4 comments:
you might also want to edit /usr/local/bin/denyhosts.py and change the first line to #!/usr/local/bin/python instead of #!/usr/loca/bin/python2.5
note: I misspelled "local", sorry
Hi there!
I don't see the added value of pointing to python2.5. Actually I just the opposite: one more customization to remember of, for example, if python increments version one would have to remember to edit denyhosts.py.
Thanks for the input anyways.
And I forgot to mention that /usr/local/bin/python and /usr/local/bin/python2.5 are the same file ;)
Post a Comment