Add'l note: In this setup, (fink's denyhosts) the allowed-hosts file is here: /sw/share/denyhosts-py25/data/allowed-hosts
... while the hosts.deny file is here: /etc/hosts.deny Both of these may need to be created manually; this can be done with: sudo touch /sw/share/denyhosts-py25/data/allowed-hosts sudo touch /etc/hosts.deny ==== original message follows ==== In the interest of helping fellow MacOS users, I've collected the following tidbits that help make denyhosts work on MacOS 10.4. In addition to modifying the denyhosts.cfg file as recommended in the denyhosts FAQ, the following settings must be made in the sshd_config file: PasswordAuthentication no UsePAM yes UseDNS no These settings 1) bypass the rudimentary password authentication so that PAM can be triggered, 2) trigger PAM, and 3) allow IP addresses to be passed to asl.log so that they may be captured by the denyhosts REGEX pattern (otherwise the associated domain name is passed). (It is also wise to set "PermitRootLogin no" since most functions requiring root access can be accessed via the sudo command. I also set "LogLevel VERBOSE". For more info, see "man sshd_config".) To make these changes, the user opens a Terminal.app window and issues these commands: cp /etc/sshd_config ~/sshd_config.bak [this makes a copy of the original sshd_config file, just in case ;-)] sudo pico /etc/sshd_config [this uses the 'pico' text editor to access the sshd_config file] After making the changes above, the user exits pico, saving the file, and must then restart the ssh daemon. One way to restart the daemon is by using the System Preferences... command under the Apple Menu and clicking on the Sharing icon in the Internet & Network group. Now clicking the check box next to Remote Login will shut down the daemon and clicking it again will restart the daemon (the daemon is running when the box is checked). Another way to restart the daemon is to restart the computer (assuming the aforementioned box is checked). Hope this helps! --Robert ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
