Friday, 8 June 2012

linux CentOS 6.2 denyhosts installation

Linux Cenos 6.2, base system installed from: CentOS-6.0-x86_64-minimal.iso
# uname -a
Linux xxx 2.6.32-71.el6.x86_64
# yum install denyhosts
Loaded plugins: fastestmirror, presto
Loading mirror speeds from cached hostfile
 * base: mirror01.th.ifl.net
 * extras: mirror01.th.ifl.net
 * updates: mirror01.th.ifl.net
Setting up Install Process
No package denyhosts available.Error: Nothing to do
denyhosts package is not included in Centos repositories, but it's pretty easy to download sources and build it. Sourceforget denyhosts project website: http://sourceforge.net/projects/denyhosts/
# wget http://downloads.sourceforge.net/project/denyhosts/denyhosts/2.6/DenyHosts-2.6.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fdenyhosts%2Ffiles%2Fdenyhosts%2F2.6%2F&ts=1320260346&use_mirror=sunet
]# -bash: wget: command not found

ehm... "yum install wget" solved the problem, software downloaded, ungzip, untar.

# python setup.py install
# cd /usr/share/denyhosts
# cp daemon-control-dist /etc/init.d/denyhosts
# cp denyhosts.cfg-dist denyhosts.cfg

I have no idea why, but config specify this location as WORK_DIR, but this directory is not created by setup script by default, so...

# mkdir /usr/share/denyhosts/data

this is where you can create file "allowed-hosts" to white-list your trusted IPs, from denyhosts documentation: "Since it is quite possible for a user to mistype their password repeatedly it may be desirable to have DenyHosts prevent specific IP addresses from being added to /etc/hosts.deny. To address this issue, create a file named allowed-hosts in the WORK_DIR. Simply add an IP address, one per line. Any IP address that appears in this file will not be blocked."

# chkconfig --level 3 denyhosts on

# chkconfig --list denyhosts
make sure it's activated for level 3 and... all done here...

No comments:

Post a Comment