Nowadays, the Internet is very insecure. Many people use some scanners to scan the ssh port and try to connect to the ssh port for brute-force cracking (brute-force scanning). Therefore, we recommend that you use the vps host space, set a complex ssh logon password as much as possible, although I have introduced some time ago that Linux VPS prohibits an IP address from accessing the hosts. deny prohibits access from some IP addresses, but lacks functions. For example, if it cannot be automatically blocked, is there any better way to use the denyhosts software, it will analyze log files such as/var/log/secure (redhat, Fedora Core, when you find that the same IP address is used for multiple SSH password attempts, the IP address is recorded in/etc/hosts. deny file to automatically block the IP address.
DenyHosts Official Website: http://denyhosts.sourceforge.net/
1. Download DenyHosts and decompress it.
# Wgethttp: // www.centoscn.com/tool/DenyHosts-2.6.tar.gz
# Tar zxvf DenyHosts-2.6.tar.gz
# Cd DenyHosts-2.6
2. installation, configuration, and startup
# Python setup. py install
By default, it is installed in the/usr/share/denyhosts/directory and the configuration file is modified in the corresponding directory.
# Cd/usr/share/denyhosts/
# Cp denyhosts. cfg-dist denyhosts. cfg
# Cp daemon-control-dist daemon-control
The default settings are applicable to the centos system environment. You can run the vi command to view denyhosts. cfg and daemon-control, which have detailed explanations.
Run the following command to start the denyhosts program:
# Chown root daemon-control
# Chmod 700 daemon-control
#./Daemon-control start
If You Want To Enable Automatic startup of DenyHosts after each restart, you also need to make the following settings:
# Cd/etc/init. d
# Ln-s/usr/share/denyhosts/daemon-control denyhosts
# Chkconfig -- add denyhosts
# Chkconfig -- level 2345 denyhosts on
Or execute the following command to modify the/etc/rc. local file:
# Echo "/usr/share/denyhosts/daemon-control start">/etc/rc. local
Description of DenyHosts configuration file denyhosts. cfg:
SECURE_LOG =/var/log/secure
# Sshd log file, which is determined based on this file. The file names vary slightly in different operating systems.
HOSTS_DENY =/etc/hosts. deny
# Control user login files
PURGE_DENY = 5 m
# How long will it take to clear prohibited
BLOCK_SERVICE = sshd
# Forbidden service name
DENY_THRESHOLD_INVALID = 1
# Number of failed invalid Users Allowed
DENY_THRESHOLD_VALID = 10
# Number of failed login attempts allowed for common users
DENY_THRESHOLD_ROOT = 5
# Number of root Login failures allowed
HOSTNAME_LOOKUP = NO
# Whether domain name resolution is performed
DAEMON_LOG =/var/log/denyhosts
For more information, see the built-in README text file. After the VPS is maintained, it will save some effort. However, VPSer has noticed that the security is relative and there is no absolute security, check your VPS host regularly or irregularly, and back up your data regularly.