On Wed, 13 Mar 2013, Marvin Kosmal wrote:
Hi
Thanks to everyone who replied..
I am running denyhosts on a machine that is remote and I do all my
work over ssh. The owner of the remote machine just upgrade the
machine I needed to reinstall everything.
When I say denyhosts is not working that means that people are trying
to ssh into that machine as root hunderds of times. Or trying to log
in with any name.
On the old machine. If you tried to log in as root one time, you were
denied access. If you tried to log in with bin you get 10 tries and
then were denied.
Now that is not happening.
As I was remote the first thing I always did was to put my ip address
in hosts allow. In the event I fell asleep and used the wrong
password several times in a row. I have several passwords I use at
different places.
So I launch denyhosts from the command line and it gets a pid and is
running. But, nothing happens. People try to ssh in and denyhosts
never comes up and denies access...
I didn't make a copy of my old config file... So I can't fall back on that.
I don't want to change the ssh port. Not my machine. ...
TIA
Marvin
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
As others have noted, make sure that you are using the
/var/lib/denyhosts/allowed-hosts and not /etc/hosts.allowed.
You say you are running it from the command line. I know this is
obvious, but I have to ask. Are you running it as root? If you're not,
it may not be able to get access to the log files it parses.
Here are the things that I had to check in the default
/etc/denyhosts.conf
to make it work for me:
1) Make sure that you have the right hosts.deny file chosen -- on some
machines it's hosts.allow, hosts.evil, etc. For me, it's
/etc/hosts.deny.
2) Make sure you have BLOCK_SERVICE set to what you want. I have it set
to ALL.
3) Check DENY_HOSTS_INVALID (number of times a nonuser name can be
tried) and DENY_HOSTS_VALID (number of times a real user name can be
tried) and make sure they are reasonable numbers. There are other user
categories, but those are the two that your test runs should hit on.
4) Make sure that WORK_DIR is correct. For me it is /var/lib/denyhosts.
5) Make sure you have logging turned on (SECURE_LOG). See point 8.
6) Since you say that you have it running in the foreground and is
really running, this is probably not the issue, but it might not hurt
to make sure that when it *isn't* running that there's no
/var/lock/subsys/denyhosts file.
7) Make sure that denyhosts is looking at the right file for
problems and that the failures are written in some standard way to the
log file it looks at. Do you have ssh set up to log failures to a file
other than /var/log/messages? Make sure that denyhosts knows where to
look.
8) Finally, you can increase the log level of denyhosts, either by
running it with --verbose or --debug options. That might tell you what
is going wrong.
HTH
billo
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
