On 03/14/13 13:03, Marvin Kosmal wrote: > On Wed, Mar 13, 2013 at 9:46 PM, Ed Greshko <Ed.Greshko@xxxxxxxxxxx> wrote: >> On 03/14/13 12:33, Marvin Kosmal wrote: >>> On Tue, Mar 12, 2013 at 8:29 PM, Marvin Kosmal <mkosmal@xxxxxxxxx> wrote: >>>> Hi >>>> >>>> Is anyone running Denyhosts? >>>> >>>> I have it installed.. It says it is running but, nothing is happening.. >>>> >>>> TIA >>>> >>>> Marvin >>> >>> >>> This is from my log file >>> >>> >>> Mar 13 21:05:01 - denyhosts : INFO restricted: set([]) >>> Mar 13 21:05:01 - denyhosts : INFO Processing log file >>> (/var/log/messages) from offset (0) >>> Mar 13 21:05:01 - denyhosts : INFO launching DenyHosts daemon >>> (version 2.6)... >>> Mar 13 21:05:01 - denyhosts : INFO DenyHosts daemon is now >>> running, pid: 31528 >>> Mar 13 21:05:01 - denyhosts : INFO send daemon process a TERM >>> signal to terminate cleanly >>> Mar 13 21:05:01 - denyhosts : INFO eg. kill -TERM 31528 >>> Mar 13 21:05:01 - denyhosts : INFO monitoring log: /var/log/messages >>> Mar 13 21:05:01 - denyhosts : INFO sync_time: 3600 >>> Mar 13 21:05:01 - denyhosts : INFO purging of /etc/hosts.deny is disabled >>> Mar 13 21:05:01 - denyhosts : INFO denyhosts synchronization disabled >>> >>> Does this really mean it starts and shuts down immediately.?? >>> >>> Or don't I understand the log? >>> >> I just installed it for testing purposes...no real intention to use it. However, I don't see what you see. >> >> [egreshko@f18x ~]$ systemctl status denyhosts.service >> denyhosts.service - SSH log watcher >> Loaded: loaded (/usr/lib/systemd/system/denyhosts.service; enabled) >> Active: active (running) since Wed 2013-03-13 23:57:37 CST; 12h ago >> Process: 7901 ExecStart=/usr/bin/denyhosts.py --daemon --config=/etc/denyhosts.conf (code=exited, status=0/SUCCESS) >> Process: 7899 ExecStartPre=/bin/rm -f /run/lock/subsys/denyhosts (code=exited, status=0/SUCCESS) >> Main PID: 7906 (denyhosts.py) >> CGroup: name=systemd:/system/denyhosts.service >> └─7906 /usr/bin/python /usr/bin/denyhosts.py --daemon --confi... >> >> [root@f18x ~]# ps -eaf | grep deny >> root 7906 1 0 Mar13 ? 00:00:00 /usr/bin/python /usr/bin/denyhosts.py --daemon --config=/etc/denyhosts.conf >> >> So, it has been running since yesterday. >> >> > > What do you have in /etc/log/auth.log > > I have this kind of stuff in mine > > > Mar 13 09:27:58 kosmal sshd[31232]: Failed password for root from > 88.191.154.90 port 51934 ssh2 > Mar 13 09:27:58 kosmal sshd[31232]: Received disconnect from > 88.191.154.90: 11: Bye Bye [preauth] First, does this mean you've found out that all is now running fine on your system? Second, I have no /etc/log/auth.log but do have /var/log/secure log and that is what is defined as the log to be scanned in /etc/denyhosts.conf. # Redhat or Fedora Core: SECURE_LOG = /var/log/secure # # Mandrake, FreeBSD or OpenBSD: #SECURE_LOG = /var/log/auth.log # # SuSE: #SECURE_LOG = /var/log/messages Is your configuration correct? > > On the old box denyhost would kill that on the second try.. Not now.. > > Plus my config file is somewhere else.. > > What version are you running? denyhosts-2.6-27.fc18.noarch And, after causing login failures.... The line sshd: 192.168.0.194 is added to /etc/hosts.deny -- >From now on, at least during winter time, Im going to blame all spelling an grammar erros on the cat sitting on my chest every time I sit down at the computer.... -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
