Description of problem: The package DenyHosts appears to be missing from the installation DVD and repos. Could it be added for securing SSH. Thanks.
CC: (none) => ueberall
@ D Ski Please be as kind as to put an upstream link to the package in the URL field
CC: (none) => marja11Summary: Request DenyHosts package to secure SSH => DenyHosts, package to secure SSH
Setting version to cauldron to improve the chance that someone will package it. When it is in cauldron, it'll be in the next stable release after that, but it is also possible to reopen this request for Mga 1, then.
Version: 1 => CauldronSource RPM: (none) => denyhostsWhiteboard: (none) => Mdv
URL: (none) => http://denyhosts.sourceforge.net/index.html
CC: (none) => djmarian4uSummary: DenyHosts, package to secure SSH => denyHosts, package to secure SSH
CC: djmarian4u => (none)
*** Bug 4188 has been marked as a duplicate of this bug. ***
CC: (none) => adrien.daugabel
Submitted to Cauldron
Status: NEW => RESOLVEDCC: (none) => johnnyResolution: (none) => FIXEDTarget Milestone: --- => Mageia 3
Hello everyone. I just upgraded one of my servers to Mageia 2 and missing denyhosts is a pretty nasty surprise. I can't imagine running any server without denyhosts. NEVER EVER!!! It's as important as the SSH server itself. In my case it usually blocks more than 10 attacks each day. This definitely needs to be added into Mageia 2 too, without excuse! Please, build the package for mga2. Thanks in advance. Regards, Jaromir.
Priority: Normal => HighStatus: RESOLVED => REOPENEDCC: (none) => tavvvaResolution: FIXED => (none)Target Milestone: Mageia 3 => Mageia 2Severity: enhancement => critical
In the meantime, you may want to use fail2ban.
CC: (none) => davidwhodgins
Jaromir, you are a packager no ? So feel free to package it for mga1 and mga2 since it fallow the exception for package in mdv 2010.2 but missing in our distrib https://wiki.mageia.org/en/Updates_policy#Version_Policy
Version: Cauldron => 2
Hi guys. Since I was in hurry with the server upgrade, I built the package locally from the cauldron sources. I believe I can do the official builds for MGA1/MGA2 if the package lacks a maintainer. No problem ... J.
I'm the maintainer, so I'll do it.. :-)=
Status: REOPENED => ASSIGNEDAssignee: bugsquad => johnnyWhiteboard: Mdv => Mdv MGA1TOO, MGA2TOO
Note to QA: This is a noarch package Suggested advisory: =================== This update adds denyhosts, a script to help thwart ssh server attacks, that was present in Mandriva 2010.2, but missing from Mageia. =================== Updated packages in mga1: =================== denyhosts-2.6-2.1.mga1 Updated packages in mga2: =================== denyhosts-2.6-2.2.mga2 How to test: Install it. Perform 11 or more unsuccessfull ssh logins. About a minute after the 10'th or 11'th unsuccessfull login attempt, your IP is blocked in /etc/hosts.deny.
Assignee: johnny => qa-bugs
Thanks Johnny.
CC: (none) => stormiWhiteboard: Mdv MGA1TOO, MGA2TOO => Mdv MGA1TOO, MGA2TOO, has_procedure
I tried to test denyhosts on Mageia 2 (x86-64). No problem installing it, no regression doing ssh from a client, but I did not manage to trigger the failure mechanism (making a client with more than 10 consecutive ssh login failures appear in /etc/hosts.deny): For testing, I had removed .ssh/authorized_keys from my home directory on the server, and than tried to login with ssh from a client, more than 10 times. Each login tentative falls through to interactive (password) authentication and fails, as it should, after 3+2 iterations with: "Received disconnect from 192.168.0.10: 2: Too many authentication failures for harms" (192.168.0.10 is the machine with the ssh server) I repeated ssh 12 times and waited a couple of minutes - /etc/hosts.deny still contains the original default comment lines, no entry denying access from the client was added. I checked in /var/log/denyhost on the host: the contents look "normal", each tentative is logged, but there is no indication of threshold transgression. Is there a problem in my test procedure?
CC: (none) => juergen.harms
Did you actually Start the program? "/etc/init.d/denyhosts start"
(In reply to comment #12) > Is there a problem in my test procedure? Looks like it. From my /etc/hosts.deny ... # DenyHosts: Mon Aug 13 19:35:15 2012 | sshd: 192.168.10.102 sshd: 192.168.10.102 I installed and started denyhosts on a Mageia 1 i586 guest, then created a new user on the host, and repeatedly tried to ssh into the guest until it responded with "Connection closed by remote host", instead of asking for a password. Testing complete on Mageia 1. I'll test Mageia 2 shortly.
Testing complete on Mageia 2 (x86-64). Could someone from the sysadmin team push the srpm denyhosts-2.6-2.2.mga2.src.rpm from Mageia 2 Core Updates Testing to Core Updates and the srpm denyhosts-2.6-2.1.mga1.src.rpm from Mageia 1 Core Updates Testing to Core Updates. Advisory: This update adds denyhosts, a script to help thwart ssh server attacks, that was present in Mandriva 2010.2, but missing from Mageia.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugsWhiteboard: Mdv MGA1TOO, MGA2TOO, has_procedure => Mdv MGA1TOO, MGA2TOO, has_procedure MGA1-32-OK MGA2-64-OK
> did you actually Start the program? I did not, that explains. I got trapped by the difference between "the program" and "the service" - had concluded that having /var/log/denyhosts.log being correctly filled implied that "everything" is running. I now also checked: the denyhosts service correctly shows up in the list displayed by drakxservices and is flagged to start on boot. I will now do the testing on Mageia 1
Testing complete on Mageia 2 ( i586)
Whiteboard: Mdv MGA1TOO, MGA2TOO, has_procedure MGA1-32-OK MGA2-64-OK => Mdv MGA1TOO, MGA2TOO, has_procedure MGA1-32-OK MGA2-64-OK MGA2-32-OK
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0164
Status: ASSIGNED => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED