Difference between revisions of "Denyhosts"

From SME Server
Jump to navigationJump to search
(added Editing configuration section)
Line 39: Line 39:
 
Alternatively you can use the server-manager panel "Software installer" to add a new package and select smeserver-denyhosts (repo smecontribs must be enabled) then do the reconfiguration and reboot task, instead of steps 1 to 3, then refresh  your browser and configure denyhosts,.
 
Alternatively you can use the server-manager panel "Software installer" to add a new package and select smeserver-denyhosts (repo smecontribs must be enabled) then do the reconfiguration and reboot task, instead of steps 1 to 3, then refresh  your browser and configure denyhosts,.
  
 +
 +
=== Editing configuration ===
 +
 +
Q) How is an ip-address removed from the blocked list?
 +
 +
A) Edit the configuration file and and restart the service.
 +
 +
pico -w /etc/hosts.deny_ssh
 +
 +
Make required changes, then save & exit
 +
 +
ctrl + c
 +
 +
ctrl + x
 +
 +
/etc/init.d/denyhosts restart
  
 
=== Uninstall ===
 
=== Uninstall ===

Revision as of 20:42, 11 November 2008


Denyhosts SSH for SME7

Maintainer

Unnilennium aka Jean-Philippe PIALASSE (Contrib)

Description

  • Denyhosts bans hosts which failed too many login attempts to your ssh deamon.
  • It contains also a panel in the server manager to see who is blocked, add some allowed hosts not to block and enable or disable the service.


it needs the packages smeserver-denyhosts and denyhosts

Installation

1. Log in (with username root) to the SMEserver console.

2. Install smeserver-denyhosts

yum install smeserver-denyhosts --enablerepo=smecontribs

You will get a y/N-question, answer y if it looks fine.

3. Instructions at the end of previous installation advices the following commands:
signal-event post-upgrade and signal-event reboot

it is recommended to do so !


but you can skip that using /etc/e-smith/events/actions/navigation-conf

4. Open your webbrowser and go to the server-manager.
Under "Security" there should be a new line named "SSH Denyhosts".

You should go to it and configure all necessary allowed host before enabling the service


Alternatively you can use the server-manager panel "Software installer" to add a new package and select smeserver-denyhosts (repo smecontribs must be enabled) then do the reconfiguration and reboot task, instead of steps 1 to 3, then refresh your browser and configure denyhosts,.


Editing configuration

Q) How is an ip-address removed from the blocked list?

A) Edit the configuration file and and restart the service.

pico -w /etc/hosts.deny_ssh

Make required changes, then save & exit

ctrl + c

ctrl + x

/etc/init.d/denyhosts restart

Uninstall

yum remove smeserver-denyhosts denyhosts

or alternatively just remove them from the server-manager "Software installer"

Additional information

you can change the destination email account, instead of the default admin account, for this contribs using :

config setprop denyhosts AdminEmail youremail@yourdomaine.tld
signal-event conf-denyhosts


Check installed version

yum info installed smeserver-denyhosts