How to Configure DenyHosts on CentOS 6


DenyHosts Logo
DenyHosts Logo

Before we start to configure DenyHosts. Make sure you have a CentOS 6 server already installed in your server and configured with a static IP address. Just in case, you didn’t know about DenyHosts you can read my previous article.

Install and configure DenyHosts on CentOS 6

Step 1:

Before starting, update your system firs with following command:

yum update

After that we can start the installation.

Step 2:

Now, use the following command to download the EPEL repository:

sudo rpm -Uvh http://mirror.metrocast.net/fedora/epel/6/i386/epel-release-6-8.noarch.rpm

And to install the DenyHost packages using this command:

sudo yum install denyhosts

In order to make denyhosts start at boot, use the folowing command:

#chkconfig denyhosts on

Be careful, to prevent your DenyHost’s server IP address from being denied during the installation. We will use the following command now:

vim /etc/hosts.allow

I prefer using vim, but you can try another command you like such as nano or vi.

And the following command to protect our address IP, you can find your address IP with this link. Don’t forget to replace “Your_IP” with your address:

sshd: Your_IP

Right now, we will block everything. So we will use the vim editor to open the file:

vim /etc/hosts.deny

And using the following line we will edit the file by adding it to the button of the file:

sshd: ALL **

Then we will save and restart DenyHost using the following command:

/etc/rc.d/init.d/denyhosts restart

Then, if you want to make any configuration of your installed DenyHosts you have to open the following file and update it according to your preference:

vim /etc/denyhosts.conf

Step 3:

To check denyhosts ssh logs to know how many attackers and hackers are attempted to gain access to your server use the following command:

# tail -f /var/log/secure

After that, if you want to remove a banned IP address from the denyhosts you should stop denyhosts first. The command is:

# /etc/rc.d/init.d/denyhosts stop

If you want to remove or delete the banned IP address completely, use the folowing command line:

# vim /etc/hosts.deny

# vim /var/lib/denyhosts/hosts

# vim /var/lib/denyhosts/hosts-restricted

# vim /var/lib/denyhosts/hosts-root

# vim /var/lib/denyhosts/hosts-valid

# vim /var/lib/denyhosts/users-hosts

After removing the banned IP address, you have to restart the denyhost using the following command:

# /etc/init.d/denyhosts start

If you want to find a specific address IP, the easiest way is to use the grep command like the following example by replacing wanted_IP with your selected address:

#cd /var/lib/denyhosts

grep wanted_IP *

Hope this tool will be useful for you sometime. Thanks! 🙂


About Desianto Abdillah 31 Articles
My name is Desianto Abdillah. I am a System Administrator. My experience as SysAdmin no more than two years, but i realy like to share somethings that i just learned and i just done. I more familiar with Linux SysAdmin than others sysadmin's function. I have high enthusiasm in IT, especially in SysAdmin world.