Package denyhosts in Ubuntu Trusty Tahr is deleted: temporary or forever?

I am sorry denyhosts has reached this stage, but I think you answered your own question :

dead upstream; unmaintained; dysfunctional in sid

Unmaintained upstream projects will reside in the repos, with patches, until the packages can no longer patch, so looks like the end for denyhosts.

My best advice is to look for alternates.

Personally I harden my ssh server

And use iptables

sudo iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH --rsource -j ACCEPT
sudo iptables -A INPUT -m recent --update --seconds 600 --hitcount 8 --rttl --name SSH --rsource -j DROP

See http://bodhizazen.com/Tutorials/iptables

all the links in this post are from my LUG ;)

No, it's not comming back. bodhi offers some good suggestion on how you can replace it, but it's also worth explaining why it was remove.

It was removed in Debian at the request of the Debian Security Team:

There are unaddressed security issues (e.g. #692229).

The tool is dead upstream (last release 2008).

There is a viable alternative, fail2ban, that provides the same or increased feature set.

You might also want to check out this question on ServerFault:

Denyhosts vs fail2ban vs iptables- best way to prevent brute force logons?

While DenyHosts is not available as a package in Ubuntu, there is a fork of the upstream project here: http://denyhost.sf.net The fork includes security patches and better supports Ubuntu. You can install it by downloading the tarball and running

tar xzf denyhost-2.7.tar.gz
cd DenyHosts-2.7
sudo python setup.py install

Package denyhosts in Ubuntu Trusty Tahr is deleted: temporary or forever?

Tags:

Security

Unsupported Packages

Related

Recent Posts