Configuring new denyhosts server from source
From Notes_Wiki
Home > CentOS > CentOS 6.x > Security tools > Securing remote shell access > Denyhosts configuration > Configuring new denyhosts server from source
Denyhosts has been deprecated as it is not being maintained. Please install and use fail2ban instead
- Download latest source code for denyhosts from Internet.
- Extract file using something like 'tar xzf DenyHosts-2.6.tar.gz'
- Go to created directory using something like 'cd DenyHosts-2.6
- Use command 'python setup.py install' to install denyhosts
- Go to '/usr/share/denyhosts' directory.
- cp denyhosts.cfg-dist denyhosts.cfg
- Edit 'denyhosts.cfg' file and make following changes
- PURGE_DENY = 12w
- PURGE_THRESHOLD = 2
- BLOCK_SERVICE = ALL
- DENY_THRESHOLD_ROOT = 10
- ADMIN_EMAIL = barjatiya.saurabh@gmail.com
- SYSLOG_REPORT = YES
- AGE_RESET_VALID = 2d
- AGE_RESET_ROOT = 2d
- RESET_ON_SUCCESS = YES
- DAEMON_SLEEP = 120S
- (Uncomment) 'SYNC_SERVER = ...' line
- SYNC_DOWNLOAD_THRESHOLD = 10
- mv daemon-control-dist daemon-control
- ln -s /usr/share/denyhosts/daemon-control /etc/init.d/denyhosts
- chkconfig --add denyhosts
- chkconfig denyhosts on
- service denyhosts start
- Go to folder '/usr/share/denyhosts/data'
- Create file 'allowed-hosts' and add IPs like
- 59.165.58.228
- 117.211.88.150
- 127.0.0.1
- to the file
- Use 'service denyhosts restart'
Home > CentOS > CentOS 6.x > Security tools > Securing remote shell access > Denyhosts configuration > Configuring new denyhosts server from source
