install and configure denyhosts for ssh on ubuntu 12.04

denyhosts bans repeat ssh brute-force offenders and keeps your log files smaller.

install denyhosts if it is not already installed.

sudo apt-get -y install denyhosts

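edit /etc/hosts.allow and add your trusted ip addresses or host names as a whitelist, so that you cannot lock yourself out. denyhosts bans offenders by adding them to /etc/hosts.deny, and entries in /etc/hosts.allow take precedence over it.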

sudo nano /etc/hosts.allow

add the following exceptions to the file, matching your hosts:

sshd: 12.34.45.67
sshd: 34.56.78.90

restart denyhosts to commit the changes immediately.

sudo /etc/init.d/denyhosts restart

for fine-grained control over ban times and alerts, optionally edit /etc/denyhosts.conf and adjust it to suit your level of tolerance.

sudo nano /etc/denyhosts.conf

done. denyhosts is installed and will run at boot time. most brute-force ssh attempts should still be logged, but offenders and bots are now blacklisted.
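
to confirm that the whitelist from the hosts.allow step really protects you, the check below reports whether a given address is whitelisted, banned, or unlisted. it is an added example, not part of the original post or of denyhosts; the function names and the file name check.sh are hypothetical, and it assumes denyhosts writes its bans to /etc/hosts.deny (the default) and only understands literal ipv4 entries.

```shell
#!/bin/sh
# added example: would tcp wrappers admit this client to sshd?
# simplified model (assumption): literal ipv4 clients and the daemon names
# "sshd" or "ALL" only; netmasks, hostnames and other wildcards are ignored.

# listed FILE IP -> exit 0 if FILE has an sshd/ALL rule naming IP or ALL
listed() {
    [ -r "$1" ] || return 1
    awk -v ip="$2" '
        { sub(/#.*/, "") }                      # strip comments
        index($0, ":") == 0 { next }            # not a "daemon: client" rule
        {
            split($0, part, ":")
            nd = split(part[1], daemons, /[ \t,]+/)
            nc = split(part[2], clients, /[ \t,]+/)
            ours = 0
            for (i = 1; i <= nd; i++)
                if (daemons[i] == "sshd" || daemons[i] == "ALL") ours = 1
            if (!ours) next                     # rule is for another service
            for (i = 1; i <= nc; i++)
                if (clients[i] == ip || clients[i] == "ALL") found = 1
        }
        END { exit !found }
    ' "$1"
}

# ssh_verdict IP [ALLOW_FILE] [DENY_FILE]
# hosts.allow is consulted first, so a whitelisted address wins even if
# denyhosts has also written it to hosts.deny.
ssh_verdict() {
    allow=${2:-/etc/hosts.allow}
    deny=${3:-/etc/hosts.deny}
    if listed "$allow" "$1"; then
        echo whitelisted
    elif listed "$deny" "$1"; then
        echo banned
    else
        echo unlisted
    fi
}

# stand-alone use (check.sh is a hypothetical file name):
#   ./check.sh 12.34.45.67
if [ -n "${1:-}" ]; then
    ssh_verdict "$@"
fi
```

run it with the address you connect from before closing your current session; anything other than "whitelisted" means a few mistyped passwords could still get that address banned.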
