DenyHosts

Marvin Kosmal mkosmal at gmail.com
Wed Mar 13 14:01:51 UTC 2013 

On Wed, Mar 13, 2013 at 6:13 AM, Bill Oliver <vendor at billoblog.com> wrote:
> Yeah, I run it.  It works.
>
> The only problem I have with it is that I have a script to use rsync to
> backup some directories on a virtual machine to a local machine.  Every time
> that happens, denyhosts adds the virtual machine to the hosts.deny list on
> the local machine.  I don't get it.  So, after every remote backup, I have
> to delete the remote machine from the file.  It's not that big a deal, and
> it's easier to manually modify hosts.deny than it is to find where the
> problem is...
>
> I have to say, though, that simply moving the ssh port away from 22 took
> care of 99.99% of the scripted attacks that I was getting.  I've had one or
> two since then, but they followed an honest-to-god port scan.  I'd disable
> password authentication if it were practical for my user's habits, but I
> tried it with a couple of road warriors and it just didn't fly.
>
> Have you tried to invoke it by failing your login multiple times?
>
> billo
>
>
> On Tue, 12 Mar 2013, Marvin Kosmal wrote:
>
>> Hi
>>
>> Is anyone running Denyhosts?
>>
>> I have it installed.. It says it is running but, nothing is happening..
>>
>> TIA
>>
>> Marvin
>> --


Hi

Thanks to everyone who replied..

I am running denyhosts on a machine that is remote and I do all my
work over ssh.  The owner of the remote machine just upgrade the
machine I needed to reinstall everything.

When I say denyhosts is not working that means that people are trying
to ssh into that machine as root hunderds of times.  Or trying to log
in with any name.

On the old machine.  If you tried to log in as root one time, you were
denied access.  If you tried to log in with bin you get 10 tries and
then were denied.

Now that is not happening.

As I was remote the first thing I always did was to put my ip address
in hosts allow.  In the event I fell asleep and used the wrong
password several times in a row.  I have several passwords I use at
different places.

So I launch denyhosts from the command line and it gets a pid and is
running.  But, nothing happens.  People try to ssh in and denyhosts
never comes up and denies access...

I didn't make a copy of my old config file...  So I can't fall back on that.

I don't want to change the ssh port.   Not my machine. ...

TIA

Marvin

More information about the users mailing list