I currently block all ssh logins using root. But I wanted to go the extra mile and block the IP address of the client who tried to log in as root. I currently have denyhosts and fail2ban set up and working; can I use denyhosts and/or fail2ban to block the IP addresses of those who try to log in as root?
Right, so if I can only SSH into my box by having the appropriate RSA keys configured, is there any point in using Denyhosts for SSH as well? Or is Denyhosts only looking at keyboard-interactive / password logins for SSH?
Don't get me wrong, Denyhosts is the absolute mac-daddy, but I've recently switched off keyboard-interactive logins altogether and wondered if it was worth still keeping Denyhosts running.
(If you don't know Denyhosts, it basically maintains - and uses - an IP blacklist of people who keep trying to get into SSH but with the wrong username / password etc.)
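The blacklist idea described above, combined with the first question's wish to block any client that tries root, as an added Python example (not code from the posts, and not DenyHosts or fail2ban code). The function names, the threshold of 3 and the log lines are assumptions constructed for illustration; the lines follow the usual OpenSSH `Failed password` format.

```python
import re
from collections import Counter

# Constructed sample sshd log lines (documentation IP ranges only).
SAMPLE_LOG = """\
Mar  3 10:01:12 host sshd[2101]: Failed password for root from 203.0.113.5 port 51234 ssh2
Mar  3 10:01:40 host sshd[2107]: Failed password for invalid user admin from 203.0.113.7 port 40022 ssh2
Mar  3 10:01:44 host sshd[2107]: Failed password for invalid user test from 203.0.113.7 port 40030 ssh2
Mar  3 10:01:49 host sshd[2107]: Failed password for invalid user oracle from 203.0.113.7 port 40041 ssh2
Mar  3 10:02:05 host sshd[2113]: Failed password for alice from 198.51.100.4 port 50111 ssh2
Mar  3 10:02:11 host sshd[2113]: Accepted password for alice from 198.51.100.4 port 50111 ssh2
Mar  3 10:03:30 host sshd[2120]: Failed password for root from 192.0.2.10 port 60001 ssh2
"""

# Anchored to the end of the line with a greedy user field, so the address is
# always the one sshd appended last and text inside a username cannot replace it.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>.*) "
    r"from (?P<ip>\S+) port \d+ ssh2$"
)

def ips_to_block(log_text, max_failures=3, allowlist=()):
    """Return sorted IPs to deny: any failed root attempt, or >= max_failures failures."""
    failures = Counter()
    root_attempts = set()
    for line in log_text.splitlines():
        m = FAILED.search(line.rstrip())
        if not m:
            continue  # successful logins and unrelated lines are ignored
        ip = m.group("ip")
        if ip in allowlist:  # never block addresses the admin trusts
            continue
        failures[ip] += 1
        if m.group("user") == "root":
            root_attempts.add(ip)
    repeat = {ip for ip, n in failures.items() if n >= max_failures}
    return sorted(root_attempts | repeat)

def hosts_deny_lines(ips):
    """Format entries in the TCP wrappers syntax used in /etc/hosts.deny."""
    return [f"sshd: {ip}" for ip in ips]

if __name__ == "__main__":
    for entry in hosts_deny_lines(ips_to_block(SAMPLE_LOG, allowlist={"192.0.2.10"})):
        print(entry)
```

Only failed attempts are counted, so a client that mistypes once and then logs in (198.51.100.4 in the sample) stays under the threshold, while a single failed root attempt is enough to list an address.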
I was experimenting with denyhosts from my home computer and now it has blocked my IP address and put it in /etc/hosts.deny.
Now my IP is not static and it changes every week so I can have fixed IP in hosts.allow.
I tried manually deleting that IP from /etc/hosts.deny and it adds that address again after 5 mins.
How can I manually delete the blocked IP address from denyhosts?
centos
I just got an Ubuntu instance on Linode. To secure the SSH on it, I installed fail2ban (using apt-get), but then had a problem: fail2ban kept banning my IP (for limited durations, thankfully) even though I was entering the correct password. So I removed fail2ban and installed denyhosts instead. Same problem, but more severe: It seems like every time I SSH in, my IP gets banned. I remove it from /etc/hosts.deny, restart denyhosts and log in again, and my IP gets banned again.
The only explanation I can think of is that I've been SSH-ing in as root (yes, yes, I know); maybe something is set somewhere that blocks anyone who SSH-es in as root, even if they log in successfully? This seems bizarre to me. Any ideas? (Whitelisting my IP is a temporary fix. I don't want to only be able to log on from one IP.)
I'm setting up a LAMP server and need to prevent SSH/FTP/etc. brute-force logon attempts from succeeding. I've seen many recommendations for both denyhosts and fail2ban, but few comparisons of the two. I also read that an IPTables rule can fill the same function.
Why would I choose one of these methods over another? How do people on serverfault handle this problem?