Сложих denyhosts настройх в denyhost.conf следното :
SECURE_LOG = /var/log/auth.log
HOSTS_DENY = /etc/hosts.evil
PURGE_DENY = 2w
BLOCK_SERVICE = sshd
DENY_THRESHOLD_INVALID = 5
DENY_THRESHOLD_VALID = 10
DENY_THRESHOLD_ROOT = 1
DENY_THRESHOLD_RESTRICTED = 1
WORK_DIR = /var/lib/denyhosts
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
HOSTNAME_LOOKUP=YES
LOCK_FILE = /var/run/denyhosts.pid
-----------------------------------------------------------------------------------------
стартирам : /etc/init.d/denyhosts.dpkg-new start
Starting DenyHosts: denyhosts.
-----------------------------------------------------------------------------------------
след това правя следното :
cat /var/log/denyhost
----
2011-08-29 13:35:57,840 - denyhosts : INFO restricted: set([])
2011-08-29 13:35:57,841 - denyhosts : INFO Processing log file (/var/log/auth.log) from offset (1271495)
2011-08-29 13:35:57,845 - denyhosts : INFO launching DenyHosts daemon (version 2.6)...
2011-08-29 13:35:57,853 - denyhosts : INFO DenyHosts daemon is now running, pid: 21640
2011-08-29 13:35:57,853 - denyhosts : INFO send daemon process a TERM signal to terminate cleanly
2011-08-29 13:35:57,853 - denyhosts : INFO eg. kill -TERM 21640
2011-08-29 13:35:57,856 - denyhosts : INFO monitoring log: /var/log/auth.log
2011-08-29 13:35:57,857 - denyhosts : INFO sync_time: 3600
2011-08-29 13:35:57,857 - denyhosts : INFO
purging of /etc/hosts.evil is disabled2011-08-29 13:35:57,857 - denyhosts : INFO
denyhosts synchronization disabled-----------
cat /etc/hosts.evil
# DenyHosts: Mon Aug 29 12:27:12 2011 | sshd: 78.128.54.166
sshd: 78.128.54.166
# DenyHosts: Mon Aug 29 12:27:12 2011 | sshd: 31.193.132.8
sshd: 31.193.132.8
# DenyHosts: Mon Aug 29 12:27:12 2011 | sshd: 192.168.0.2
sshd: 192.168.0.2
# DenyHosts: Mon Aug 29 12:27:12 2011 | sshd: 213.128.83.34
sshd: 213.128.83.34
# DenyHosts: Mon Aug 29 12:27:12 2011 | sshd: 211.202.3.84
sshd: 211.202.3.84
# DenyHosts: Mon Aug 29 12:27:12 2011 | sshd: 173.0.58.162
sshd: 173.0.58.162
# DenyHosts: Mon Aug 29 12:27:12 2011 | sshd: 87.120.171.135
sshd: 87.120.171.135
# DenyHosts: Mon Aug 29 12:27:12 2011 | sshd: 175.103.44.59
sshd: 175.103.44.59
# DenyHosts: Mon Aug 29 12:27:12 2011 | sshd: 218.15.221.84
sshd: 218.15.221.84
# DenyHosts: Mon Aug 29 12:27:12 2011 | sshd: 173.254.212.133
sshd: 173.254.212.133
# DenyHosts: Mon Aug 29 13:12:15 2011 | sshd: 192.168.1.83
sshd: 192.168.1.83
------------------------------------------------------------------------------------------
сега пробвах от друго PC, направих десетки грешки на root password-а и нито го блокира, само го добави в /etc/hosts.evil - последния запис. 192.168.1.83, спокойно мога да продължа да пробвам паролата на root.
....
П.С : промених hosts.evil с hosts.deny и заработи, но когато написах
ps -aux |grep denyhosts
Warning: bad ps syntax, perhaps a bogus '-'? See
http://procps.sf.net/faq.htmlroot 1842 0.0 0.0 3300 744 pts/1 S+ 14:32 0:00 grep denyhosts
Аз го стартирам още с boot-а на машината, настроил съм го с tool-а rcconf да е boot on startup, та въпроса ми е следния необходимо ли е добавяне в crontab за chek през определено време.