5

denyhosts won't automatically startup (Fedora 12)

view full story
linux-howto

http://www.linuxquestions.org – Hi all, I have recently installed denyhosts to help guard against bruteforce ssh attacks on my Fedora 12 server from the Fedora repositories. If I manually start denyhosts (as root) using: /usr/sbin/denyhosts.py --daemon it works fine. The denyhosts log file is created and indeed the /etc/hosts.deny file is updated. However if I make attempts to start denyhosts automatically upon the server restart denyhost fails with a permission denied error for /etc/hosts.deny (error 13) I have tried using chkconfig to enable /etc/init.d/denyhosts on run l (HowTos)

xskl's picture
Submitted by xskl on 07/13/2010 – Made popular on 07/13/2010

Stories similar to denyhosts won't automatically startup (Fedora 12)

I've been using denyhosts for a while and I noticed my /etc/hosts.deny is getting rather large. Denyhosts adds IPs to /etc/hosts.deny, and my denyhosts is configured to never purge IPs.

$ wc -l /etc/hosts.deny 22149 /etc/hosts.deny

Might this become a problem? I don't really understand how libwrap works.

DenyHosts is a Python script that analyzes the sshd server log messages to determine what hosts are attempting to hack into your system. It also determines what user accounts are being targeted. It keeps track of the frequency of attempts from each host.DenyHosts is designed for the use by Linux system administrators, the script can be useful to anybody running an sshd server.

My ip is blocked by DenyHosts but I followed the tutorial at http://denyhosts.sourceforge.net/faq.html#3_7 and in my allowed-hosts file I've the ip block XX.XX... How can I avoid my ip is blocked by DenyHosts again? Why doesn't the allowed-hosts rule didn't work?

I am using denyhosts on a server so in a config file /etc/denyhosts.conf the following value is set

Quote:

DENY_THRESHOLD_INVALID = 3

which as per their configuration file says

Quote:

DENY_THRESHOLD_INVALID: block each host after the number of failed login # attempts has exceeded this value.

Issues running denyhosts 34 weeks 5 days ago

I don't think I've posted this question before. A search of the forum comes up with similar posts but not this specific question, so here goes.

My server is/was running denyhosts. There were no issues with it until yesterday.

I have been trying to set up my MacOS X Server, which I recently upgraded to Mountain Lion, to use denyhosts as I need to open port 22 to it. denyhosts is set up and adds entries to /etc/hosts.deny so I decided to add my laptops IP to it in order to verify that it actually works but I can still log in and my IP shows up in /private/var/log/system.log.

On this link http://www.cyberciti.biz/faq/block-s...ith-denyhosts/ if you search following

Quote:

grep 'from' /var/log/auth.log|cut -d ' ' –field=13 | uniq -c | sort -nr > ct-result.txt

the comment says to grep all the IPs and put them to /etc/hosts.deny I want to try what comment is saying but when I do it I get following error

Quote:

How to configure sudoers to prevent having the Sorry, user ****** is not allowed to execute error message.

Background

For the purpose of testing how a python script under a less privileged user and group daemon account, there is a need to run:

$ sudo -u _denyhosts -g _denyhosts python /usr/local/bin/denyhosts.py -c /usr/share/denyhosts/denyhosts.cfg -n --purge --sync --verbose

The result is:

I know this is any unpopular subject but if anyone can help me navigate this madness I'd appreciate it.Why is it that denyhosts can't see it's own pid file?1)... [by todd_dsm]