On 08/23/2006 03:35 PM, Matthew Miller wrote: > I don't think so. Denyhosts works by manipulating /etc/hosts.deny, which is > a security-sensitive config file which shouldn't be edited willy-nilly by > scripts. > > And, this won't even work in the configuration we use here (which while not > the fedora default is widespread good practice) -- put "ALL:ALL" in > /etc/hosts.deny and then explicitly enable the services and hosts you want > to let in in /etc/hosts.allow. You could use ALL:ALL in hosts.deny and put the following line into hosts.allow sshd: ALL EXCEPT /etc/hosts.denyhosts In /etc/denyhost change to the following lines HOSTS_DENY = /etc/hosts.denyhosts BLOCK_SERVICE = This is perhaps a better default for denyhosts? Lars -- Lars E. Pettersson <lars@xxxxxxxx> http://www.sm6rpz.se/ -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
