In this tutorial, we will show you how to install DenyHost on Ubuntu 14.04 LTS. For those of you who didn’t know, DenyHosts is a log-based intrusion prevention security tool for SSH servers written in Python. It is intended to prevent brute-force attacks on SSH servers by monitoring invalid login attempts in the authentication log and blocking the originating IP addresses. Due to the simplicity of DenyHost and the ability to manually configure your rules it is widely used as an alternative to Fail2ban which is a bit more complicated to use and configure. DenyHosts unfortunately does not support IPv6.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of DenyHost on Ubuntu 14.04. You can follow the same instructions for any other Debian-based distribution like Linux Mint.
Prerequisites
- A server running one of the following operating systems: Ubuntu 14.04, and any other Debian-based distribution.
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- SSH access to the server (or just open Terminal if you’re on a desktop).
- A
non-root sudo useror access to theroot user. We recommend acting as anon-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Install DenyHost on Ubuntu 14.04
Step 1. First of all, make sure that all packages are up to date.
apt-get update apt-get upgrade
Step 2. Install DenyHost.
DenyHosts is very easy to install on Ubuntu:
sudo apt-get install denyhosts
Step 3. Configure DenyHosts.
Once the Denyhosts are installed, make sure to whitelist your own IP address, so you will never get locked out. To do this, open a file /etc/hosts.allow:
sudo nano /etc/hosts.allow
Below the description, add each IP address one by one on a separate line, that you never want to block. The format should be as follows:
# hosts.allow This file contains access rules which are used to # allow or deny connections to network services that # either use the tcp_wrappers library or that have been # started through a tcp_wrappers-enabled xinetd. # # See 'man 5 hosts_options' and 'man 5 hosts_access' # for information on rule syntax. # See 'man tcpd' for information on tcp_wrappers # sshd: 114.124.37.154 sshd: 114.121.131.131 sshd: 172.16.25.156
You can further configure any settings in the DenyHosts.conf file by going to the following and updating according to your preference:
sudo nano /etc/denyhosts.conf
Save your work and restart DenyHosts with the following command:
sudo /etc/init.d/denyhosts restart
View DenyHosts logs:
tail -f /var/log/denyhosts tail -f /var/log/secure
Congratulations! You have successfully installed DenyHost. Thanks for using this tutorial for installing DenyHost on Ubuntu 14.04 system. For additional help or useful information, we recommend you check the official DenyHost website.
