1. Log in to your server with root access
2. Change directory to:
# cd /tmp
3. Get the RPM installer:
# wget http://prdownloads.sourceforge.net/denyhos...n2.3.noarch.rpm
4. Install the package:
# rpm -U DenyHosts-2.5-python2.3.noarch.rpm
5. Change to the rpm installed denyhosts directory:
# cd /usr/share/denyhosts
6. To list what you've got in there:
# ls
[The readme.txt is good background reading and this should take out any guesswork]
7. Create a new denyhosts.cfg file by:
# cp denyhosts.cfg-dist denyhosts.cfg
8. The denyhosts.cfg file is largely good to go for Ensim Linux
* Line 25 Logging for Macs - add a # at the beginning
These lines decide how many times you're prepared to let buggers have a go:
* Line 108 DENY_THRESHOLD_VALID = 5 [adjust to your needs]
* Line 119 DENY_THRESHOLD_INVALID = 10 [I reduced to 5 - your choice]
To enable or disable email reporting:
* Line 219 ADMIN_EMAIL [Add if you wish or disable with #]
* Line 230 SMTP_HOST [Default setting OK or disable with #]
* Line 231 SMTP_PORT [Std 25 or disable with #]
* Line 240 SMTP_USERNAME [Must use a mail account on that server or disable with #]
* Line 241 SMTP_PASSWORD [as Line 240]
* Line 250 SMTP_FROM [Default works or disable with #]
* Line 258 SMTP_SUBJECT [As you wish - default fine or disable with #]
* Line 271 SMTP_DATE_FORMAT [Default fine or disable with #]
To add denyhosts logging to your syslog:
* Line 284/286 SYSLOG_REPORT [284=No 286=Yes - take your pick]
I would recommend running DenyHosts as a daemon so:
* Line 452/455 DAEMON_LOG_TIME_FORMAT [Pick one or other they both work]
* Line 475 DAEMON_LOG_MESSAGE_FORMAT [enable]
9. To run denyhosts as a daemon you need to:
# cp daemon-control-dist daemon-control
10. You don't need to edit the daemon-control file for Ensim
11. Change ownership and permissions on the daemon-control file:
# chown root daemon-control
# chmod 700 daemon-control
12. Now we've got to set up denyhosts to run as a daemon, so change directory to:
# cd /etc/init.d
13. Once in /etc/init.d, it's necessary to map the denyhosts daemon file as follows:
# ln -s /usr/share/denyhosts/daemon-control denyhosts
# chkconfig --add denyhosts
14. To start the daemon I found it easier to change to another directory:
# cd /var/log
and then hit the 'GO' button with:
# /etc/init.d/denyhosts start
it'll take a minute or two to initialise and return you to your prompt #
15. Once it's running there are 4 files that you should look at:
a. /var/log/denyhosts - it shows your config preferences and the IPs it has added to your /etc/hosts.deny file
b. /var/log/secure - lists SSH activity on the server
c. /var/spool/mail/root - daily system log for all server activity
d. /etc/hosts.deny - see what denyhosts has added (if you access your server from a static IP, it'd be good insurance to add it to /etc/hosts.allow in the following format):
#
#
sshd: xxx.xx.xx.xxx (your IP address)(addl IP addresses on separate lines)
Comment: If you download the source file instead of the RPM:
x. Unpack it in /tmp and run it with root access:
# tar zxvf DenyHosts-2.5-python2.3-tar.gz
y. Change to the new directory:
# cd /usr/share/denyhosts
z. And install using python:
# python setup.py install
then you can carry on from item 6.
This has worked on all Ensim 4.*. If you get any real probs, send a mail to me or one directly to the http://denyhosts.sourceforge.net website.
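
Added example (not part of the original post and not DenyHosts code): a simplified tally showing what DENY_THRESHOLD_INVALID and DENY_THRESHOLD_VALID from step 8 mean when read against /var/log/secure from step 15. The log lines are constructed, the function names are hypothetical, and flagging a host once its count exceeds the threshold is an assumption about how DenyHosts compares.

```shell
#!/bin/sh
# Added example: count failed SSH logins per source IP and flag the IPs that
# would go over the denyhosts.cfg thresholds. DenyHosts' own parser is broader.

# Constructed sample in the style of /var/log/secure (documentation-range IPs).
sample_secure_log() {
cat <<'EOF'
Jan 10 03:11:01 host sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 40112 ssh2
Jan 10 03:11:03 host sshd[2103]: Failed password for invalid user test from 203.0.113.5 port 40115 ssh2
Jan 10 03:11:05 host sshd[2105]: Failed password for invalid user oracle from 203.0.113.5 port 40119 ssh2
Jan 10 03:11:07 host sshd[2107]: Failed password for invalid user guest from 203.0.113.5 port 40122 ssh2
Jan 10 03:11:09 host sshd[2109]: Failed password for invalid user ftp from 203.0.113.5 port 40126 ssh2
Jan 10 03:11:11 host sshd[2111]: Failed password for invalid user web from 203.0.113.5 port 40130 ssh2
Jan 10 08:30:12 host sshd[2290]: Failed password for alice from 198.51.100.7 port 51001 ssh2
Jan 10 08:30:20 host sshd[2290]: Failed password for alice from 198.51.100.7 port 51001 ssh2
Jan 10 08:30:31 host sshd[2290]: Accepted password for alice from 198.51.100.7 port 51001 ssh2
Jan 10 09:02:44 host sshd[2312]: Failed password for invalid user from 198.51.100.7 from 192.0.2.9 port 5555 ssh2
EOF
}

# flag_offenders INVALID_THRESHOLD VALID_THRESHOLD   (log is read from stdin)
# Prints "ip kind count" for every IP whose failure count exceeds its threshold.
flag_offenders() {
    awk -v inv="$1" -v val="$2" '
    /sshd\[[0-9]+\]: Failed password for / {
        # Anchor on the trailing "from IP port N ssh2" so that a username
        # containing the word "from" cannot put a different IP in the tally.
        if ($(NF - 4) != "from" || $(NF - 2) != "port") next
        ip = $(NF - 3)
        kind = ($0 ~ /Failed password for invalid user /) ? "invalid" : "valid"
        count[ip " " kind]++
    }
    END {
        for (k in count) {
            split(k, p, " ")
            limit = ((p[2] == "invalid") ? inv : val) + 0
            if (count[k] > limit) print k, count[k]
        }
    }' | sort
}

# With both thresholds at 5 (the values chosen in step 8):
sample_secure_log | flag_offenders 5 5
```

To run it against the real log, use `flag_offenders 5 5 < /var/log/secure` and compare the result with the entries in /etc/hosts.deny.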