centos7 ssh登录限制(denyhosts)

今天登陆服务器,就看见提示信息.
There were 8925 failed login attempts since the last successful login.
牛牪犇逼啊
果断改了ssh的端口

vim /etc/ssh/sshd_conf
  Port 22  #修改端口号
systemctl restart sshd  #重启服务

无意间又看到DenyHosts这个小东西
yum安装,嗯,没有包.之后手动下载rpm了

wget http://ftp.tu-chemnitz.de/pub/linux/dag/redhat/el7/en/x86_64/rpmforge/RPMS/denyhosts-2.6-5.el7.rf.noarch.rpm
rpm -ivh denyhosts-2.6-5.el7.rf.noarch.rpm
systemctl start denyhosts
systemctl enable denyhosts.service
systemctl status denyhosts

另附偷来的配置文件

# grep -Ev '^#|^$' /etc/denyhosts.conf   
 ############ THESE SETTINGS ARE REQUIRED ############
SECURE_LOG = /var/log/secure
HOSTS_DENY = /etc/hosts.deny
PURGE_DENY = 4w        // ip被禁止之后，多久可以释放(w表示周，d表示天，h表示小时，m表示分钟)
BLOCK_SERVICE  = sshd     // 检测的服务
DENY_THRESHOLD_INVALID = 5     // 无效用户尝试次数之后即被锁定
DENY_THRESHOLD_VALID = 10      //  有效普通用户尝试次数
DENY_THRESHOLD_ROOT = 1       //   root用户尝试次数
DENY_THRESHOLD_RESTRICTED = 1    // 设定denyhosts将数据写入到/etc/hosts.deny文件中
WORK_DIR = /var/lib/denyhosts      //denyhosts工作数据目录
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
HOSTNAME_LOOKUP=YES     // 域名解析
LOCK_FILE = /var/lock/subsys/denyhosts
 ############ THESE SETTINGS ARE OPTIONAL ############
ADMIN_EMAIL = root
SMTP_HOST = localhost
SMTP_PORT = 25
SMTP_FROM = DenyHosts 
SMTP_SUBJECT = DenyHosts Report from $[HOSTNAME]
AGE_RESET_VALID=5d           //普通有效用户登陆计数清零时间
AGE_RESET_ROOT=25d        //root用户登陆计数清零时间
AGE_RESET_RESTRICTED=25d     // /etc/hosts.deny文件清除数据时间
AGE_RESET_INVALID=10d
 ######### THESE SETTINGS ARE SPECIFIC TO DAEMON MODE  ##########
DAEMON_LOG = /var/log/denyhosts
DAEMON_SLEEP = 30s
DAEMON_PURGE = 1h
 #########   THESE SETTINGS ARE SPECIFIC TO     ##########
 #########       DAEMON SYNCHRONIZATION         ##########

另外我又把ssh端口改回了22
每天看看/etc/hosts.deny有多少ip被屏蔽
你们尽管撞

撞出来我我我我重装镜像......(害怕

image.png

)