You are here

howto: setup and configure denyhosts

so browsing through your system logs you begin to notice that you have failed ssh attempts on your system. looking deeper you realise these credentials are for users that do not exist on your system. it dawns on you that someone (or something) is attempting to brute force their way into your system. what do you do?

install denyhosts then configure it!

installation is pretty simple with a

yum -y install denyhosts

next step you take is to configure it, but first, you read the fedora disclaimer located at : /usr/share/doc/denyhosts-2.6/README.fedora which says that the sync functionality isnt very stable and you make a decision.

so first things first, allow your local network access to your box:

echo "192.168.1.*" >> /var/lib/denyhosts/allowed-hosts

next, if you read the fedora disclaimer and decided to enable sync:

sed -i 's/#SYNC_SERVER/SYNC_SERVER/g' /etc/denyhosts.conf

then enable the service at bootup

systemctl enable denyhosts.service

and finally start it up

systemctl restart denyhosts.service

and you are off!

Comments

note if you are on a slow internet connection it might be wiser to change this setting to

HOSTNAME_LOOKUP=NO