Linux Server Security: How to Protect SSH Against Password Cracking (2)
DAEMON_LOG = /var/log/denyhosts # DenyHosts' own log file
DAEMON_PURGE = 10m # set this to the same value as PURGE_DENY; it is also the time for purging hosts.deniedssh users
Configuring the DenyHosts startup file
[root@switch denyhosts]# cp daemon-control-dist daemon-control
[root@switch denyhosts]# chown root daemon-control
[root@switch denyhosts]# chmod 700 daemon-control
[root@switch denyhosts]# ./daemon-control # DenyHosts command format
Usage: ./daemon-control {start [args...] | stop | restart [args...] | status | debug | condrestart [args...] }
For a list of valid args refer to:
$ denyhosts.py --help
[root@switch denyhosts]# ./daemon-control start # start DenyHosts
starting DenyHosts: /usr/bin/env python /usr/bin/denyhosts.py --daemon --config=/usr/share/denyhosts/denyhosts.cfg
To have DenyHosts start automatically after every reboot, the following settings are also needed:
[root@switch denyhosts]# ln -s /usr/share/denyhosts/daemon-control /etc/init.d/denyhosts
[root@switch denyhosts]# chkconfig --add denyhosts
[root@switch denyhosts]# chkconfig denyhosts on
[root@switch denyhosts]# chkconfig --level 2345 denyhosts on
Alternatively, edit the /etc/rc.local file:
[root@switch denyhosts]# vi /etc/rc.local
Add the following command:
/usr/share/denyhosts/daemon-control start
[root@switch denyhosts]# tail -f /var/log/secure
Aug 5 19:20:51 switch sshd[5831]: Accepted password for root from ::ffff:192.168.1.31 port 1744 ssh2
Aug 5 19:21:00 switch sshd[5831]: Received disconnect from ::ffff:192.168.1.31: 0:
Aug 5 19:21:02 switch sshd[5865]: Accepted password for root from ::ffff:192.168.1.31 port 1745 ssh2
Aug 5 19:30:25 switch sshd[5865]: Received disconnect from ::ffff:192.168.1.31: 0:
Aug 5 19:33:48 switch sshd[5962]: Failed password for test from ::ffff:192.168.1.31 port 175
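The sshd entries above can be tallied per source address to see which hosts are producing failed logins. The following Python is an added example, not code from the original article or from DenyHosts; the sample lines are constructed in the same format, and the function names and the threshold parameter are assumptions for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in the /var/log/secure format shown above (not real data).
SAMPLE_LOG = """\
Aug 5 19:20:51 switch sshd[5831]: Accepted password for root from ::ffff:192.168.1.31 port 1744 ssh2
Aug 5 19:33:48 switch sshd[5962]: Failed password for test from ::ffff:192.168.1.31 port 1750 ssh2
Aug 5 19:33:52 switch sshd[5962]: Failed password for invalid user admin from ::ffff:192.168.1.31 port 1751 ssh2
Aug 5 19:33:55 switch sshd[5963]: Failed password for root from 192.168.1.31 port 1752 ssh2
Aug 5 19:34:10 switch sshd[5970]: Failed password for root from ::ffff:192.168.1.40 port 2201 ssh2
"""

# Anchored at the end of the line so the source address is always the one
# sshd itself wrote, whatever text appears in the user-name field.
LINE_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>.+) from (?P<src>\S+) port \d+(?: ssh\d)?\s*$"
)

def normalize(addr):
    """Return the address as text, folding ::ffff:a.b.c.d into a.b.c.d."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return None  # not an IP literal; skip rather than guess
    mapped = getattr(ip, "ipv4_mapped", None)
    return str(mapped if mapped is not None else ip)

def failed_by_source(log_text):
    """Count 'Failed password' lines per normalized source address."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m and m.group("result") == "Failed":
            src = normalize(m.group("src"))
            if src:
                counts[src] += 1
    return counts

def over_threshold(counts, threshold):
    """Sources with at least `threshold` failures (hypothetical parameter)."""
    return sorted(ip for ip, n in counts.items() if n >= threshold)

if __name__ == "__main__":
    counts = failed_by_source(SAMPLE_LOG)
    print(dict(counts), over_threshold(counts, 3))
```

Folding the ::ffff: prefix matters because the same client can appear in both forms, and counting them separately would keep it under the threshold.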
