Denyhosts

From SME Server
Revision as of 20:42, 11 November 2008 by RayMitchell (talk | contribs) (added Editing configuration section)
Jump to navigation Jump to search


Denyhosts SSH for SME7

Maintainer

Unnilennium aka Jean-Philippe PIALASSE (Contrib)

Description

  • Denyhosts bans hosts which failed too many login attempts to your ssh deamon.
  • It contains also a panel in the server manager to see who is blocked, add some allowed hosts not to block and enable or disable the service.


it needs the packages smeserver-denyhosts and denyhosts

Installation

1. Log in (with username root) to the SMEserver console.

2. Install smeserver-denyhosts

yum install smeserver-denyhosts --enablerepo=smecontribs

You will get a y/N-question, answer y if it looks fine.

3. Instructions at the end of previous installation advices the following commands:
signal-event post-upgrade and signal-event reboot

it is recommended to do so !


but you can skip that using /etc/e-smith/events/actions/navigation-conf

4. Open your webbrowser and go to the server-manager.
Under "Security" there should be a new line named "SSH Denyhosts".

You should go to it and configure all necessary allowed host before enabling the service


Alternatively you can use the server-manager panel "Software installer" to add a new package and select smeserver-denyhosts (repo smecontribs must be enabled) then do the reconfiguration and reboot task, instead of steps 1 to 3, then refresh your browser and configure denyhosts,.


Editing configuration

Q) How is an ip-address removed from the blocked list?

A) Edit the configuration file and and restart the service.

pico -w /etc/hosts.deny_ssh

Make required changes, then save & exit

ctrl + c

ctrl + x

/etc/init.d/denyhosts restart

Uninstall

yum remove smeserver-denyhosts denyhosts

or alternatively just remove them from the server-manager "Software installer"

Additional information

you can change the destination email account, instead of the default admin account, for this contribs using :

config setprop denyhosts AdminEmail youremail@yourdomaine.tld
signal-event conf-denyhosts


Check installed version

yum info installed smeserver-denyhosts