下载并安装denyhosts(运行 setup.py 之前,建议先核对压缩包的校验值与下载页面公布的一致):
[root@localhost ~]# wget https://nchc.dl.sourceforge.net/project/denyhosts/denyhosts/2.10/denyhosts-2.10.zip
[root@localhost ~]# unzip denyhosts-2.10.zip
[root@localhost ~]# cd denyhosts-2.10
[root@localhost denyhosts-2.10]# yum install python2 -y #安装python2.7环境
[root@localhost denyhosts-2.10]# python2 setup.py install
由下图可知,denyhosts在CentOS8下与在CentOS7下有些区别:在CentOS8下安装完成后并不会自动启动
[root@localhost denyhosts-2.10]# vim /etc/denyhosts.conf
# DenyHosts settings for /etc/denyhosts.conf: which log is watched, when a host
# is blocked, and how long a block lasts.
# NOTE(review): annotations are kept on their own lines. DenyHosts' parser
# appears to take everything after "=" as the value, so a trailing "# ..." may
# end up inside the setting -- confirm before annotating the live file inline.

# Authentication log that is scanned for failed logins.
SECURE_LOG = /var/log/secure
# Blocked IPs are written to hosts.deny.
# NOTE(review): RHEL/CentOS 8 removed TCP wrappers, so sshd there presumably
# does not consult hosts.deny; verify that a listed address is really refused.
HOSTS_DENY = /etc/hosts.deny
# Blocked IPs are removed again after this period
# (m=minutes, h=hours, d=days, w=weeks).
PURGE_DENY = 1d
# Service name that is blocked for a denied host.
BLOCK_SERVICE = sshd
# Failed logins tolerated for user names that do not exist on the system.
DENY_THRESHOLD_INVALID = 5
# Failed logins tolerated for ordinary (valid) users.
DENY_THRESHOLD_VALID = 10
# Failed logins tolerated for root.
DENY_THRESHOLD_ROOT = 3
# Failed logins tolerated for user names listed in
# WORK_DIR/restricted-usernames.
DENY_THRESHOLD_RESTRICTED = 1
# Directory where DenyHosts records the denied hosts/IPs. The allowed-hosts
# allow-list is read from here as well; listing the administrators' own source
# addresses there avoids locking yourself out.
WORK_DIR = /var/lib/denyhosts
# Default directory for configuration files.
ETC_DIR = /etc
# YES: failed logins coming from allow-listed (allowed-hosts) addresses are
# still treated as suspicious and reported. This controls reporting only;
# addresses in allowed-hosts are, per the DenyHosts documentation, not added
# to HOSTS_DENY -- confirm.
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
# No reverse DNS lookup for offending addresses.
HOSTNAME_LOOKUP=NO
# PID of the running DenyHosts is recorded here so that the service starts
# cleanly and only one instance runs at a time.
LOCK_FILE = /var/lock/subsys/denyhosts
# Path to iptables, so denied hosts are also blocked with a firewall rule.
# NOTE(review): likely the block that actually takes effect on CentOS 8 (see
# HOSTS_DENY above) -- verify that rules appear after a test block.
IPTABLES = /sbin/iptables
# E-mail reporting is left disabled (settings commented out).
#SMTP_HOST = localhost
#SMTP_PORT = 25
#SMTP_FROM = DenyHosts <nobody@localhost>
#SMTP_SUBJECT = DenyHosts Report
# Time without further failures after which a host's failed-login counter is
# reset to 0, per account class (valid / root / restricted / invalid).
AGE_RESET_VALID=5d
AGE_RESET_ROOT=25d
AGE_RESET_RESTRICTED=25d
AGE_RESET_INVALID=10d
# No hostname lookup for the entries in allowed-hosts.
ALLOWED_HOSTS_HOSTNAME_LOOKUP=NO
# DenyHosts' own log file.
DAEMON_LOG = /var/log/denyhosts
# Pause between two polls of SECURE_LOG in daemon mode.
DAEMON_SLEEP = 30s
# How often the daemon purges expired HOSTS_DENY entries; kept equal to
# PURGE_DENY.
DAEMON_PURGE = 1d
# Denied hosts are neither uploaded to nor downloaded from a sync server.
SYNC_UPLOAD = no
SYNC_DOWNLOAD = no
[root@localhost denyhosts-2.10]# alternatives --set python /usr/bin/python2 #更改默认python
[root@localhost denyhosts-2.10]# denyhosts.py #尝试启动,报错,没有此文件
[root@localhost denyhosts-2.10]# cd /etc
[root@localhost etc]# touch hosts.deny
[root@localhost denyhosts-2.10]# denyhosts.py #未报错,但是无进程
[root@localhost denyhosts-2.10]# denyhosts.py --daemon --config=/etc/denyhosts.conf
测试结果: