Friday, December 05, 2014

How To Install DenyHosts on Ubuntu

What is DenyHosts?

This is a python-script for the protection of  ssh server, like fail2ban, but consumes 

far less memory. The script parses the log file and finds failed login attempts and 

prohibits login from these IP addresses.

Installation steps.


Installation process is simple and contains some steps:

1. Retrieve new lists of packages

sudo apt-get update

2. Installation DenyHosts:

sudo apt-get install denyhosts

If the process is successfully completed, you will see the information of the screen:




After installation you can add your IP address in whitelist:

sudo nano /etc/hosts.allow

and insert following string:

sshd: 12.34.45.678

Where “12.34.45.678” – your IP address

And restart denyhost:

sudo service denyhosts restart

Configuration denyhosts.


After the installation process, the DenyHosts is ready to work, but some 

configuration options are noteworthy. All configuration values are in the file 

/etc/denyhosts.conf

1. PURGE_DENY: removed HOSTS_DENY entries that are older than this 

time.

Default value is empty and all listed ip-addresses remain in the file 

/etc/hosts.deny forever.

2. BLOCK_SERVICE: the service name that should be blocked in 

HOSTS_DENY

Default value = sshd, By default, the service protects only ssh server, but it 

can be customized to other services.

3. ADMIN_EMAIL: if you would like to receive report from denyhosts.

Default value = root@localhost, but you can change this value to your email.

After changing the settings, you should restart the DenyHosts again:

sudo service denyhosts restart

The result of  DenyHosts you can see in the file:  /etc/hosts.deny





1 comment:

Simon Smith said...

I like denyhosts and have used it for years, but it seems like they've removed it from the official deb repository in 14.04, and you have to install it manually. See:

http://askubuntu.com/questions/433924/package-denyhosts-in-ubuntu-trusty-tahr-is-deleted-temporary-or-forever

I haven't messed around with the manual install yet.

solving error: Your current user or role does not have access to Kubernetes objects on this EKS cluster.

Trying to access EKS cluster with kubectl you might get an error similar to: Your current user or role does not have access to Kubernetes ob...