Hi, I've just implemented denyhosts on our ssh servers in our lab (we have about 25 ssh servers being used for programming and general education classes). It is working very well for most cases. I'm running it on Mac OSX 10.4, Solaris 9 & 10.
I want to keep hosts from our local network from being entered into / etc/hosts.deny (we have some very inexperienced users). I've read that allowed-hosts (in the WORKING DIRECTORY) will accept CIDR notation but it doesn't appear to be working. Here is the info about the allowed-hosts file from the logging file when I am running with the --debug flag (ips changed): 2007-11-09 09:56:51,723 - AllowedHosts: DEBUG initializing AllowedHosts 2007-11-09 09:56:51,724 - AllowedHosts: DEBUG line: 1.1.0.0/16 - regex match? True 2007-11-09 09:56:51,724 - AllowedHosts: DEBUG line: 1.1.1.8 - regex match? True 2007-11-09 09:56:51,725 - AllowedHosts: DEBUG allowed_hosts: ['1.1.1.8', '1.1.0.0'] 2007-11-09 09:56:51,725 - AllowedHosts: DEBUG done initializing AllowedHosts Notice that the set of allowed_hosts doesn't include anything that indicates that the CIDR notation was recognized. If I attempt to login from one of the local clients with a bad password but valid user and exceed the DENY_THRESHOLD_VALID the local client is added to /etc/hosts.deny. Thanks, Julie ===================================================== Julie D. Gorman, Computer Science, CSU Stanislaus One University Circle Turlock, CA 95382 || 209 667-3273 ===================================================== [EMAIL PROTECTED] || " Imagine all the people living life in peace " ===================================================== ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
