You are not logged in.
- Topics: Active | Unanswered
#1 2009-03-28 10:12:34
- archlinuxsagi
- Member
- Registered: 2008-09-12
- Posts: 259
[Solved] securing SSH with Denyhosts: queries
I am trying to deny hacking/probing of my ssh port for my home linux server.
There are several ways to do this that I know of and I choose denyhost.
I have a requirement such that I can access my home server from everywhere and hence I place
in my /etc/hosts.allow
sshd : ALL : ALLOWBut with the code above, any entries placed by denyhosts in /etc/hosts.deny doesn't take effect.
Any without the code above and I can't access from anywhere.
It is not possible for me to place IP address range in /etc/hosts.allow since I will ssh from anywhere and the IP address is dynamic.
I am enquirying my fellow experienced Archers on how to make the entries made by Denyhosts workable
especially those who are sshing from everywhere.
I have already made ssh secure by disabling password authentication and even change the port address just a couple of hours ago.
But I still find probing/hacking attempts in /var/log/auth.log
Last edited by archlinuxsagi (2009-03-28 10:35:32)
Offline
#2 2009-03-28 10:34:55
- archlinuxsagi
- Member
- Registered: 2008-09-12
- Posts: 259
Re: [Solved] securing SSH with Denyhosts: queries
looks like I gave up too fast. 
The below faq by denyhosts solved it.
Can I use a non-standard hosts.deny file?
Yes. To do so follow this procedure:
edit your HOSTS_DENY configuration value to point it to another file such as "/etc/hosts.evil".
edit your BLOCK_SERVICE configuration value and leave it blank
edit your /etc/hosts.allow file and add:
sshd: ALL EXCEPT /etc/hosts.evil
issue the following command:
touch /etc/hosts.evil
This will result in tcp_wrappers allowing all hosts to login except for those hosts explicitly listed in /etc/hosts.evil.Offline
#3 2009-03-28 22:39:23
- rwd
- Member
- Registered: 2009-02-08
- Posts: 664
Re: [Solved] securing SSH with Denyhosts: queries
Blocking ip adresses is not a real security measure btw as they can be spoofed.
Offline
#4 2009-03-29 01:53:54
- Daenyth
- Forum Fellow
- From: Boston, MA
- Registered: 2008-02-24
- Posts: 1,244
Re: [Solved] securing SSH with Denyhosts: queries
You're better off using iptables than denyhosts.
[git] | [AURpkgs] | [arch-games]
Offline