3,240
edits
Changes
From SME Server
Jump to navigationJump to search→Bugs
{{Languages|Denyhosts}}
{{Languages|Denyhosts}}
=Denyhosts SSH for SME7=
=Denyhosts SSH=
{{ #smeversion: smeserver-denyhosts }}
{{ #smeversion: denyhosts }}
=== Maintainer ===
=== Maintainer ===
=== Installation ===
=== Installation ===
# Log in (with username root) to the SMEserver console.
# Install smeserver-denyhosts<pre>/usr/bin/yum install smeserver-denyhosts --enablerepo=smecontribs</pre> You will get a y/N-question, answer y if it looks fine. There is no need to reboot the server.
# Open your webbrowser and go to the server-manager.<br>Under "Security" there should be a new line named "SSH Denyhosts". You should go to it and configure all necessary allowed hosts before enabling the service. When done set status to 'enabled'.
Alternatively you can use the server-manager panel "Software installer" to add a new package and select smeserver-denyhosts (repo smecontribs must be enabled) then do the reconfiguration and reboot task, instead of steps 1 and 2, then refresh your browser and configure denyhosts,.
=== Editing configuration ===
Q) How can the denyhost configuration be customized?
A) You must copy the templates to the templates-custom directory and modify the appropriate fragments.
mkdir -p /etc/e-smith/templates-custom/etc/denyhosts.conf
cd /etc/e-smith/templates-custom/etc/denyhosts.conf/
cp ../../../templates/etc/denyhosts.conf/* .
Now edit the appropriate files. See the [http://denyhosts.sourceforge.net/faq.html Denyhosts FAQ] for details. When done make your changes effective:
signal-event conf-denyhosts
Q) How is an ip-address removed from the blocked list?
A) Edit the configuration file and and restart the service.
pico -w /etc/hosts.deny_ssh
Make required changes, then save & exit
ctrl + c
=== Editing configuration ===
ctrl + x
/etc/init.d/denyhosts restart
==== precaution ====
when you edit the /etc/hosts.deny_ssh
you should delete both the IP and comment line
otherwise it will not work
for example you want to let '''192.168.3.3''' to have access and you find this
# DenyHosts: Thu Feb 14 19:03:30 2013 | 192.168.1.1
192.168.1.1
# DenyHosts: Thu Feb 14 22:36:00 2013 | 192.168.2.2
192.168.2.2
'''# DenyHosts: Fri Feb 15 08:44:09 2013 | 192.168.3.3'''
'''192.168.3.3'''
# DenyHosts: Fri Feb 15 10:44:39 2013 | 192.168.n.n
192.168.n.n
if you delete only the IP (not the comment also) the block ban will not be raised for IP 192.168.3.3 after the restart of the service
# DenyHosts: Thu Feb 14 19:03:30 2013 | 192.168.1.1
192.168.1.1
# DenyHosts: Thu Feb 14 22:36:00 2013 | 192.168.2.2
192.168.2.2
'''# DenyHosts: Fri Feb 15 08:44:09 2013 | 192.168.3.3'''
# DenyHosts: Fri Feb 15 10:44:39 2013 | 192.168.n.n
192.168.n.n
or if you change to another IP it seems to don't work
# DenyHosts: Thu Feb 14 19:03:30 2013 | 192.168.1.1
192.168.1.1
# DenyHosts: Thu Feb 14 22:36:00 2013 | 192.168.2.2
192.168.2.2
# DenyHosts: Fri Feb 15 08:44:09 2013 | '''192.168.3.3'''
'''192.168.a.a'''
# DenyHosts: Fri Feb 15 10:44:39 2013 | 192.168.n.n
192.168.n.n
you should delete both lines (IP + comment)
# DenyHosts: Thu Feb 14 19:03:30 2013 | 192.168.1.1
192.168.1.1
# DenyHosts: Thu Feb 14 22:36:00 2013 | 192.168.2.2
192.168.2.2
# DenyHosts: Fri Feb 15 10:44:39 2013 | 192.168.n.n
192.168.n.n
and then restart the service
/etc/init.d/denyhosts restart
/etc/init.d/denyhosts restart
=== Check installed version ===
=== Check installed version ===
yum info installed smeserver-denyhosts
yum info installed smeserver-denyhosts
=== Bugs===
Please raise bugs under the SME Contribs section in {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-denyhosts|title=bugzilla}}.
{{#bugzilla:columns=id,product,version,status,summary |sort=id |order=desc |component=smeserver-denyhosts|noresultsmessage="No open bugs found."}}
===Changelog===
Only released version in smecontrib are listed here.
{{ #smechangelog: smeserver-denyhosts}}
----
----
[[Category: Contrib]]
[[Category: Contrib]]
[[Category: Administration]]
[[Category: Administration:Remote Access]]
[[Category: Security]]
