denyhosts quandry

denyhosts quandry

[Tyler Littlefield]

Hello list,
I have a quick question.
I am running denyhosts on my linux system, to try to keep out attackers from running a password cracker on my ssh.
It's caught a few, but it seems to be screaming when I log in with win SCP.
Basically, every time I log in, it just blocks my host out.
Is there a way I can either get it to stop, or possibly set it to not block that host?
I'm not sure why WIN SCP would trigger a denyhosts, as as far as I know, it runs when a password is incorrect.
Unless win SCP sends an invalid login for some reason first, or something of that sort.


Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.

Re: denyhosts quandry

[Chris Brannon]

> I am running denyhosts on my linux system, to try to keep out attackers from 
> running a password cracker on my ssh.

There is a really easy way to protect ssh from password attacks.
Only allow public-key authentication.
Require that people authenticate with a key when connecting, and disallow
password-based authentication.
See your local ssh_config manpage.

-- Chris

Re: denyhosts quandry

[Tyler Littlefield]

that would kill win SCP, which is my local editor, or I'd be up for that.


Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.

----- Original Message ----- 
From: "Chris Brannon" <cmbrannon@cox.net>
To: "Speakup is a screen review system for Linux." <speakup@braille.uwo.ca>
Sent: Thursday, March 19, 2009 8:42 PM
Subject: Re: denyhosts quandry


>> I am running denyhosts on my linux system, to try to keep out attackers 
>> from
>> running a password cracker on my ssh.
>
> There is a really easy way to protect ssh from password attacks.
> Only allow public-key authentication.
> Require that people authenticate with a key when connecting, and disallow
> password-based authentication.
> See your local ssh_config manpage.
>
> -- Chris
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup 

RE: denyhosts quandry

[James Homuth]

Before you start looking for an app to blame, check the logs. Open a SSH
session, tail -F /bath/to/ssh.log, then load WinSCP. Then you'll know
precisely what's causing Denyhosts to freak out. 

-----Original Message-----
From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca]
On Behalf Of Tyler Littlefield
Sent: March 19, 2009 10:26 PM
To: Speakup is a screen review system for Linux.
Subject: denyhosts quandry

Hello list,
I have a quick question.
I am running denyhosts on my linux system, to try to keep out attackers from
running a password cracker on my ssh.
It's caught a few, but it seems to be screaming when I log in with win SCP.
Basically, every time I log in, it just blocks my host out.
Is there a way I can either get it to stop, or possibly set it to not block
that host?
I'm not sure why WIN SCP would trigger a denyhosts, as as far as I know, it
runs when a password is incorrect.
Unless win SCP sends an invalid login for some reason first, or something of
that sort.


Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.
_______________________________________________
Speakup mailing list
Speakup@braille.uwo.ca
http://speech.braille.uwo.ca/mailman/listinfo/speakup

Re: denyhosts quandry

[Kirk Reiser]

A package I just recently found and have installed on a couple of
systems is fail2ban which has a bunch of popular rule sets included
and is easily expandable by the user.  Basically it parses your
systems logs and then performas ip blocks with iptables based on your
specifications.  It has ssh buffer overrun pertection built-in by
default.  It also has others you can easily enable.  There's a debian
package so I imagine there are packages available for other distro's
as well.

   Kirk
--
Kirk Reiser				The Computer Braille Facility
e-mail: kirk@braille.uwo.ca		University of Western Ontario
phone: (519) 661-3061

RE: denyhosts quandry

[Tom Moore]

I second the fail2ban suggestion.
It's a nice program that will probably do what you want.

Tom
 

-----Original Message-----
From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca]
On Behalf Of Kirk Reiser
Sent: Friday, March 20, 2009 8:58 AM
To: Speakup is a screen review system for Linux.
Subject: Re: denyhosts quandry

A package I just recently found and have installed on a couple of systems is
fail2ban which has a bunch of popular rule sets included and is easily
expandable by the user.  Basically it parses your systems logs and then
performas ip blocks with iptables based on your specifications.  It has ssh
buffer overrun pertection built-in by default.  It also has others you can
easily enable.  There's a debian package so I imagine there are packages
available for other distro's as well.

   Kirk
--
Kirk Reiser				The Computer Braille Facility
e-mail: kirk@braille.uwo.ca		University of Western Ontario
phone: (519) 661-3061
_______________________________________________
Speakup mailing list
Speakup@braille.uwo.ca
http://speech.braille.uwo.ca/mailman/listinfo/speakup

Re: denyhosts quandry

[Tyler Littlefield]

will do. thanks.
Blaming an app is so much easier. ;)


Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.

----- Original Message ----- 
From: "James Homuth" <james@the-jdh.com>
To: "'Speakup is a screen review system for Linux.'" 
<speakup@braille.uwo.ca>
Sent: Friday, March 20, 2009 1:21 AM
Subject: RE: denyhosts quandry


> Before you start looking for an app to blame, check the logs. Open a SSH
> session, tail -F /bath/to/ssh.log, then load WinSCP. Then you'll know
> precisely what's causing Denyhosts to freak out.
>
> -----Original Message-----
> From: speakup-bounces@braille.uwo.ca 
> [mailto:speakup-bounces@braille.uwo.ca]
> On Behalf Of Tyler Littlefield
> Sent: March 19, 2009 10:26 PM
> To: Speakup is a screen review system for Linux.
> Subject: denyhosts quandry
>
> Hello list,
> I have a quick question.
> I am running denyhosts on my linux system, to try to keep out attackers 
> from
> running a password cracker on my ssh.
> It's caught a few, but it seems to be screaming when I log in with win 
> SCP.
> Basically, every time I log in, it just blocks my host out.
> Is there a way I can either get it to stop, or possibly set it to not 
> block
> that host?
> I'm not sure why WIN SCP would trigger a denyhosts, as as far as I know, 
> it
> runs when a password is incorrect.
> Unless win SCP sends an invalid login for some reason first, or something 
> of
> that sort.
>
>
> Thanks,
> Tyler Littlefield
> Web: tysdomain.com
> email: tyler@tysdomain.com
> My programs don't have bugs, they're called randomly added features.
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup 

Re: denyhosts quandry

[Tyler Littlefield]

wow. nice, I'll take a look at it.


Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.

----- Original Message ----- 
From: "Kirk Reiser" <kirk@braille.uwo.ca>
To: "Speakup is a screen review system for Linux." <speakup@braille.uwo.ca>
Sent: Friday, March 20, 2009 6:57 AM
Subject: Re: denyhosts quandry


>A package I just recently found and have installed on a couple of
> systems is fail2ban which has a bunch of popular rule sets included
> and is easily expandable by the user.  Basically it parses your
> systems logs and then performas ip blocks with iptables based on your
> specifications.  It has ssh buffer overrun pertection built-in by
> default.  It also has others you can easily enable.  There's a debian
> package so I imagine there are packages available for other distro's
> as well.
> 
>   Kirk
> --
> Kirk Reiser The Computer Braille Facility
> e-mail: kirk@braille.uwo.ca University of Western Ontario
> phone: (519) 661-3061
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup

RE: denyhosts quandry

[James Homuth]

Fail2Ban operates along the same theory as Denyhosts, though. So whatever
regular expression causes Denyhosts to flip out will probably do the same
for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very
little if any difference. So instead I switched back to Denyhosts and
started removing PAM from my system. 

-----Original Message-----
From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca]
On Behalf Of Kirk Reiser
Sent: March 20, 2009 8:58 AM
To: Speakup is a screen review system for Linux.
Subject: Re: denyhosts quandry

A package I just recently found and have installed on a couple of systems is
fail2ban which has a bunch of popular rule sets included and is easily
expandable by the user.  Basically it parses your systems logs and then
performas ip blocks with iptables based on your specifications.  It has ssh
buffer overrun pertection built-in by default.  It also has others you can
easily enable.  There's a debian package so I imagine there are packages
available for other distro's as well.

   Kirk
--
Kirk Reiser				The Computer Braille Facility
e-mail: kirk@braille.uwo.ca		University of Western Ontario
phone: (519) 661-3061
_______________________________________________
Speakup mailing list
Speakup@braille.uwo.ca
http://speech.braille.uwo.ca/mailman/listinfo/speakup

Re: denyhosts quandry

[Tyler Littlefield]

started removing pam? >.>
I've found it has helped me in locking down on security, though I'm not 
really sure by how much.


Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.

----- Original Message ----- 
From: "James Homuth" <james@the-jdh.com>
To: "'Speakup is a screen review system for Linux.'" 
<speakup@braille.uwo.ca>
Sent: Friday, March 20, 2009 7:53 AM
Subject: RE: denyhosts quandry


> Fail2Ban operates along the same theory as Denyhosts, though. So whatever
> regular expression causes Denyhosts to flip out will probably do the same
> for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very
> little if any difference. So instead I switched back to Denyhosts and
> started removing PAM from my system.
>
> -----Original Message-----
> From: speakup-bounces@braille.uwo.ca 
> [mailto:speakup-bounces@braille.uwo.ca]
> On Behalf Of Kirk Reiser
> Sent: March 20, 2009 8:58 AM
> To: Speakup is a screen review system for Linux.
> Subject: Re: denyhosts quandry
>
> A package I just recently found and have installed on a couple of systems 
> is
> fail2ban which has a bunch of popular rule sets included and is easily
> expandable by the user.  Basically it parses your systems logs and then
> performas ip blocks with iptables based on your specifications.  It has 
> ssh
> buffer overrun pertection built-in by default.  It also has others you can
> easily enable.  There's a debian package so I imagine there are packages
> available for other distro's as well.
>
>   Kirk
> --
> Kirk Reiser The Computer Braille Facility
> e-mail: kirk@braille.uwo.ca University of Western Ontario
> phone: (519) 661-3061
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup 

RE: denyhosts quandry

[James Homuth]

It doesn't help much. Mine, at least, wouldn't stop asking for a password
even if I set SSHD to ask for public key only. So rather than fight with it,
I recompiled OpenSSH without it. 

-----Original Message-----
From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca]
On Behalf Of Tyler Littlefield
Sent: March 20, 2009 10:03 AM
To: Speakup is a screen review system for Linux.
Subject: Re: denyhosts quandry

started removing pam? >.>
I've found it has helped me in locking down on security, though I'm not
really sure by how much.


Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.

----- Original Message ----- 
From: "James Homuth" <james@the-jdh.com>
To: "'Speakup is a screen review system for Linux.'" 
<speakup@braille.uwo.ca>
Sent: Friday, March 20, 2009 7:53 AM
Subject: RE: denyhosts quandry


> Fail2Ban operates along the same theory as Denyhosts, though. So whatever
> regular expression causes Denyhosts to flip out will probably do the same
> for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very
> little if any difference. So instead I switched back to Denyhosts and
> started removing PAM from my system.
>
> -----Original Message-----
> From: speakup-bounces@braille.uwo.ca 
> [mailto:speakup-bounces@braille.uwo.ca]
> On Behalf Of Kirk Reiser
> Sent: March 20, 2009 8:58 AM
> To: Speakup is a screen review system for Linux.
> Subject: Re: denyhosts quandry
>
> A package I just recently found and have installed on a couple of systems 
> is
> fail2ban which has a bunch of popular rule sets included and is easily
> expandable by the user.  Basically it parses your systems logs and then
> performas ip blocks with iptables based on your specifications.  It has 
> ssh
> buffer overrun pertection built-in by default.  It also has others you can
> easily enable.  There's a debian package so I imagine there are packages
> available for other distro's as well.
>
>   Kirk
> --
> Kirk Reiser The Computer Braille Facility
> e-mail: kirk@braille.uwo.ca University of Western Ontario
> phone: (519) 661-3061
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup 

_______________________________________________
Speakup mailing list
Speakup@braille.uwo.ca
http://speech.braille.uwo.ca/mailman/listinfo/speakup

Re: denyhosts quandry

[Tyler Littlefield]

nice. I hadn't had that issue, but then again my apt-get does it all for me. 
I'm not pacient enough to sit there and wait for openSSH to compile and 
fight with it on something like slackware, though it would probably  be the 
prefered method of configuring things. Then I wouldn't be at the mercy of 
the package maintainers.



Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.

----- Original Message ----- 
From: "James Homuth" <james@the-jdh.com>
To: "'Speakup is a screen review system for Linux.'" 
<speakup@braille.uwo.ca>
Sent: Friday, March 20, 2009 8:44 AM
Subject: RE: denyhosts quandry


> It doesn't help much. Mine, at least, wouldn't stop asking for a password
> even if I set SSHD to ask for public key only. So rather than fight with 
> it,
> I recompiled OpenSSH without it.
>
> -----Original Message-----
> From: speakup-bounces@braille.uwo.ca 
> [mailto:speakup-bounces@braille.uwo.ca]
> On Behalf Of Tyler Littlefield
> Sent: March 20, 2009 10:03 AM
> To: Speakup is a screen review system for Linux.
> Subject: Re: denyhosts quandry
>
> started removing pam? >.>
> I've found it has helped me in locking down on security, though I'm not
> really sure by how much.
>
>
> Thanks,
> Tyler Littlefield
> Web: tysdomain.com
> email: tyler@tysdomain.com
> My programs don't have bugs, they're called randomly added features.
>
> ----- Original Message ----- 
> From: "James Homuth" <james@the-jdh.com>
> To: "'Speakup is a screen review system for Linux.'"
> <speakup@braille.uwo.ca>
> Sent: Friday, March 20, 2009 7:53 AM
> Subject: RE: denyhosts quandry
>
>
>> Fail2Ban operates along the same theory as Denyhosts, though. So whatever
>> regular expression causes Denyhosts to flip out will probably do the same
>> for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very
>> little if any difference. So instead I switched back to Denyhosts and
>> started removing PAM from my system.
>>
>> -----Original Message-----
>> From: speakup-bounces@braille.uwo.ca
>> [mailto:speakup-bounces@braille.uwo.ca]
>> On Behalf Of Kirk Reiser
>> Sent: March 20, 2009 8:58 AM
>> To: Speakup is a screen review system for Linux.
>> Subject: Re: denyhosts quandry
>>
>> A package I just recently found and have installed on a couple of systems
>> is
>> fail2ban which has a bunch of popular rule sets included and is easily
>> expandable by the user.  Basically it parses your systems logs and then
>> performas ip blocks with iptables based on your specifications.  It has
>> ssh
>> buffer overrun pertection built-in by default.  It also has others you 
>> can
>> easily enable.  There's a debian package so I imagine there are packages
>> available for other distro's as well.
>>
>>   Kirk
>> --
>> Kirk Reiser The Computer Braille Facility
>> e-mail: kirk@braille.uwo.ca University of Western Ontario
>> phone: (519) 661-3061
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup 

RE: denyhosts quandry

[James Homuth]

There's probably a configuration directive you can change to turn it off,
even if it *is* listed as a dependancy. But Gentoo gives me that level of
customization, so I figure I might as well use it. That, plus sometimes,
it's just fun to recompile.

-----Original Message-----
From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca]
On Behalf Of Tyler Littlefield
Sent: March 20, 2009 10:49 AM
To: Speakup is a screen review system for Linux.
Subject: Re: denyhosts quandry

nice. I hadn't had that issue, but then again my apt-get does it all for me.

I'm not pacient enough to sit there and wait for openSSH to compile and
fight with it on something like slackware, though it would probably  be the
prefered method of configuring things. Then I wouldn't be at the mercy of
the package maintainers.



Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.

----- Original Message -----
From: "James Homuth" <james@the-jdh.com>
To: "'Speakup is a screen review system for Linux.'" 
<speakup@braille.uwo.ca>
Sent: Friday, March 20, 2009 8:44 AM
Subject: RE: denyhosts quandry


> It doesn't help much. Mine, at least, wouldn't stop asking for a password
> even if I set SSHD to ask for public key only. So rather than fight with 
> it,
> I recompiled OpenSSH without it.
>
> -----Original Message-----
> From: speakup-bounces@braille.uwo.ca 
> [mailto:speakup-bounces@braille.uwo.ca]
> On Behalf Of Tyler Littlefield
> Sent: March 20, 2009 10:03 AM
> To: Speakup is a screen review system for Linux.
> Subject: Re: denyhosts quandry
>
> started removing pam? >.>
> I've found it has helped me in locking down on security, though I'm not
> really sure by how much.
>
>
> Thanks,
> Tyler Littlefield
> Web: tysdomain.com
> email: tyler@tysdomain.com
> My programs don't have bugs, they're called randomly added features.
>
> ----- Original Message ----- 
> From: "James Homuth" <james@the-jdh.com>
> To: "'Speakup is a screen review system for Linux.'"
> <speakup@braille.uwo.ca>
> Sent: Friday, March 20, 2009 7:53 AM
> Subject: RE: denyhosts quandry
>
>
>> Fail2Ban operates along the same theory as Denyhosts, though. So whatever
>> regular expression causes Denyhosts to flip out will probably do the same
>> for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very
>> little if any difference. So instead I switched back to Denyhosts and
>> started removing PAM from my system.
>>
>> -----Original Message-----
>> From: speakup-bounces@braille.uwo.ca
>> [mailto:speakup-bounces@braille.uwo.ca]
>> On Behalf Of Kirk Reiser
>> Sent: March 20, 2009 8:58 AM
>> To: Speakup is a screen review system for Linux.
>> Subject: Re: denyhosts quandry
>>
>> A package I just recently found and have installed on a couple of systems
>> is
>> fail2ban which has a bunch of popular rule sets included and is easily
>> expandable by the user.  Basically it parses your systems logs and then
>> performas ip blocks with iptables based on your specifications.  It has
>> ssh
>> buffer overrun pertection built-in by default.  It also has others you 
>> can
>> easily enable.  There's a debian package so I imagine there are packages
>> available for other distro's as well.
>>
>>   Kirk
>> --
>> Kirk Reiser The Computer Braille Facility
>> e-mail: kirk@braille.uwo.ca University of Western Ontario
>> phone: (519) 661-3061
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup 

_______________________________________________
Speakup mailing list
Speakup@braille.uwo.ca
http://speech.braille.uwo.ca/mailman/listinfo/speakup

Re: denyhosts quandry

[Tyler Littlefield]

>That, plus sometimes,
>it's just fun to recompile.
I scream and throw a fit every time I have to recompile. :) actually I like 
changing configuration around, I really scream when it breaks and I see the 
lovely "segmentation fault." :)

Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.

----- Original Message ----- 
From: "James Homuth" <james@the-jdh.com>
To: "'Speakup is a screen review system for Linux.'" 
<speakup@braille.uwo.ca>
Sent: Friday, March 20, 2009 8:55 AM
Subject: RE: denyhosts quandry


> There's probably a configuration directive you can change to turn it off,
> even if it *is* listed as a dependancy. But Gentoo gives me that level of
> customization, so I figure I might as well use it. That, plus sometimes,
> it's just fun to recompile.
>
> -----Original Message-----
> From: speakup-bounces@braille.uwo.ca 
> [mailto:speakup-bounces@braille.uwo.ca]
> On Behalf Of Tyler Littlefield
> Sent: March 20, 2009 10:49 AM
> To: Speakup is a screen review system for Linux.
> Subject: Re: denyhosts quandry
>
> nice. I hadn't had that issue, but then again my apt-get does it all for 
> me.
>
> I'm not pacient enough to sit there and wait for openSSH to compile and
> fight with it on something like slackware, though it would probably  be 
> the
> prefered method of configuring things. Then I wouldn't be at the mercy of
> the package maintainers.
>
>
>
> Thanks,
> Tyler Littlefield
> Web: tysdomain.com
> email: tyler@tysdomain.com
> My programs don't have bugs, they're called randomly added features.
>
> ----- Original Message -----
> From: "James Homuth" <james@the-jdh.com>
> To: "'Speakup is a screen review system for Linux.'"
> <speakup@braille.uwo.ca>
> Sent: Friday, March 20, 2009 8:44 AM
> Subject: RE: denyhosts quandry
>
>
>> It doesn't help much. Mine, at least, wouldn't stop asking for a password
>> even if I set SSHD to ask for public key only. So rather than fight with
>> it,
>> I recompiled OpenSSH without it.
>>
>> -----Original Message-----
>> From: speakup-bounces@braille.uwo.ca
>> [mailto:speakup-bounces@braille.uwo.ca]
>> On Behalf Of Tyler Littlefield
>> Sent: March 20, 2009 10:03 AM
>> To: Speakup is a screen review system for Linux.
>> Subject: Re: denyhosts quandry
>>
>> started removing pam? >.>
>> I've found it has helped me in locking down on security, though I'm not
>> really sure by how much.
>>
>>
>> Thanks,
>> Tyler Littlefield
>> Web: tysdomain.com
>> email: tyler@tysdomain.com
>> My programs don't have bugs, they're called randomly added features.
>>
>> ----- Original Message ----- 
>> From: "James Homuth" <james@the-jdh.com>
>> To: "'Speakup is a screen review system for Linux.'"
>> <speakup@braille.uwo.ca>
>> Sent: Friday, March 20, 2009 7:53 AM
>> Subject: RE: denyhosts quandry
>>
>>
>>> Fail2Ban operates along the same theory as Denyhosts, though. So 
>>> whatever
>>> regular expression causes Denyhosts to flip out will probably do the 
>>> same
>>> for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very
>>> little if any difference. So instead I switched back to Denyhosts and
>>> started removing PAM from my system.
>>>
>>> -----Original Message-----
>>> From: speakup-bounces@braille.uwo.ca
>>> [mailto:speakup-bounces@braille.uwo.ca]
>>> On Behalf Of Kirk Reiser
>>> Sent: March 20, 2009 8:58 AM
>>> To: Speakup is a screen review system for Linux.
>>> Subject: Re: denyhosts quandry
>>>
>>> A package I just recently found and have installed on a couple of 
>>> systems
>>> is
>>> fail2ban which has a bunch of popular rule sets included and is easily
>>> expandable by the user.  Basically it parses your systems logs and then
>>> performas ip blocks with iptables based on your specifications.  It has
>>> ssh
>>> buffer overrun pertection built-in by default.  It also has others you
>>> can
>>> easily enable.  There's a debian package so I imagine there are packages
>>> available for other distro's as well.
>>>
>>>   Kirk
>>> --
>>> Kirk Reiser The Computer Braille Facility
>>> e-mail: kirk@braille.uwo.ca University of Western Ontario
>>> phone: (519) 661-3061
>>> _______________________________________________
>>> Speakup mailing list
>>> Speakup@braille.uwo.ca
>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>>
>>> _______________________________________________
>>> Speakup mailing list
>>> Speakup@braille.uwo.ca
>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup 

RE: denyhosts quandry

[James Homuth]

Get used to it. Even precompiled bianires via apt-get will occasionally
segfault. The only difference is you have the option of recompiling to try
and correct it. 

-----Original Message-----
From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca]
On Behalf Of Tyler Littlefield
Sent: March 20, 2009 10:57 AM
To: Speakup is a screen review system for Linux.
Subject: Re: denyhosts quandry

>That, plus sometimes,
>it's just fun to recompile.
I scream and throw a fit every time I have to recompile. :) actually I like
changing configuration around, I really scream when it breaks and I see the
lovely "segmentation fault." :)

Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.

----- Original Message -----
From: "James Homuth" <james@the-jdh.com>
To: "'Speakup is a screen review system for Linux.'" 
<speakup@braille.uwo.ca>
Sent: Friday, March 20, 2009 8:55 AM
Subject: RE: denyhosts quandry


> There's probably a configuration directive you can change to turn it off,
> even if it *is* listed as a dependancy. But Gentoo gives me that level of
> customization, so I figure I might as well use it. That, plus sometimes,
> it's just fun to recompile.
>
> -----Original Message-----
> From: speakup-bounces@braille.uwo.ca 
> [mailto:speakup-bounces@braille.uwo.ca]
> On Behalf Of Tyler Littlefield
> Sent: March 20, 2009 10:49 AM
> To: Speakup is a screen review system for Linux.
> Subject: Re: denyhosts quandry
>
> nice. I hadn't had that issue, but then again my apt-get does it all for 
> me.
>
> I'm not pacient enough to sit there and wait for openSSH to compile and
> fight with it on something like slackware, though it would probably  be 
> the
> prefered method of configuring things. Then I wouldn't be at the mercy of
> the package maintainers.
>
>
>
> Thanks,
> Tyler Littlefield
> Web: tysdomain.com
> email: tyler@tysdomain.com
> My programs don't have bugs, they're called randomly added features.
>
> ----- Original Message -----
> From: "James Homuth" <james@the-jdh.com>
> To: "'Speakup is a screen review system for Linux.'"
> <speakup@braille.uwo.ca>
> Sent: Friday, March 20, 2009 8:44 AM
> Subject: RE: denyhosts quandry
>
>
>> It doesn't help much. Mine, at least, wouldn't stop asking for a password
>> even if I set SSHD to ask for public key only. So rather than fight with
>> it,
>> I recompiled OpenSSH without it.
>>
>> -----Original Message-----
>> From: speakup-bounces@braille.uwo.ca
>> [mailto:speakup-bounces@braille.uwo.ca]
>> On Behalf Of Tyler Littlefield
>> Sent: March 20, 2009 10:03 AM
>> To: Speakup is a screen review system for Linux.
>> Subject: Re: denyhosts quandry
>>
>> started removing pam? >.>
>> I've found it has helped me in locking down on security, though I'm not
>> really sure by how much.
>>
>>
>> Thanks,
>> Tyler Littlefield
>> Web: tysdomain.com
>> email: tyler@tysdomain.com
>> My programs don't have bugs, they're called randomly added features.
>>
>> ----- Original Message ----- 
>> From: "James Homuth" <james@the-jdh.com>
>> To: "'Speakup is a screen review system for Linux.'"
>> <speakup@braille.uwo.ca>
>> Sent: Friday, March 20, 2009 7:53 AM
>> Subject: RE: denyhosts quandry
>>
>>
>>> Fail2Ban operates along the same theory as Denyhosts, though. So 
>>> whatever
>>> regular expression causes Denyhosts to flip out will probably do the 
>>> same
>>> for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very
>>> little if any difference. So instead I switched back to Denyhosts and
>>> started removing PAM from my system.
>>>
>>> -----Original Message-----
>>> From: speakup-bounces@braille.uwo.ca
>>> [mailto:speakup-bounces@braille.uwo.ca]
>>> On Behalf Of Kirk Reiser
>>> Sent: March 20, 2009 8:58 AM
>>> To: Speakup is a screen review system for Linux.
>>> Subject: Re: denyhosts quandry
>>>
>>> A package I just recently found and have installed on a couple of 
>>> systems
>>> is
>>> fail2ban which has a bunch of popular rule sets included and is easily
>>> expandable by the user.  Basically it parses your systems logs and then
>>> performas ip blocks with iptables based on your specifications.  It has
>>> ssh
>>> buffer overrun pertection built-in by default.  It also has others you
>>> can
>>> easily enable.  There's a debian package so I imagine there are packages
>>> available for other distro's as well.
>>>
>>>   Kirk
>>> --
>>> Kirk Reiser The Computer Braille Facility
>>> e-mail: kirk@braille.uwo.ca University of Western Ontario
>>> phone: (519) 661-3061
>>> _______________________________________________
>>> Speakup mailing list
>>> Speakup@braille.uwo.ca
>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>>
>>> _______________________________________________
>>> Speakup mailing list
>>> Speakup@braille.uwo.ca
>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup 

_______________________________________________
Speakup mailing list
Speakup@braille.uwo.ca
http://speech.braille.uwo.ca/mailman/listinfo/speakup

Re: denyhosts quandry

[Tyler Littlefield]

yeah. I haven't had the issue with pre-built packages, but I"m sure it 
exists.


Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.

----- Original Message ----- 
From: "James Homuth" <james@the-jdh.com>
To: "'Speakup is a screen review system for Linux.'" 
<speakup@braille.uwo.ca>
Sent: Friday, March 20, 2009 9:03 AM
Subject: RE: denyhosts quandry


> Get used to it. Even precompiled bianires via apt-get will occasionally
> segfault. The only difference is you have the option of recompiling to try
> and correct it.
>
> -----Original Message-----
> From: speakup-bounces@braille.uwo.ca 
> [mailto:speakup-bounces@braille.uwo.ca]
> On Behalf Of Tyler Littlefield
> Sent: March 20, 2009 10:57 AM
> To: Speakup is a screen review system for Linux.
> Subject: Re: denyhosts quandry
>
>>That, plus sometimes,
>>it's just fun to recompile.
> I scream and throw a fit every time I have to recompile. :) actually I 
> like
> changing configuration around, I really scream when it breaks and I see 
> the
> lovely "segmentation fault." :)
>
> Thanks,
> Tyler Littlefield
> Web: tysdomain.com
> email: tyler@tysdomain.com
> My programs don't have bugs, they're called randomly added features.
>
> ----- Original Message -----
> From: "James Homuth" <james@the-jdh.com>
> To: "'Speakup is a screen review system for Linux.'"
> <speakup@braille.uwo.ca>
> Sent: Friday, March 20, 2009 8:55 AM
> Subject: RE: denyhosts quandry
>
>
>> There's probably a configuration directive you can change to turn it off,
>> even if it *is* listed as a dependancy. But Gentoo gives me that level of
>> customization, so I figure I might as well use it. That, plus sometimes,
>> it's just fun to recompile.
>>
>> -----Original Message-----
>> From: speakup-bounces@braille.uwo.ca
>> [mailto:speakup-bounces@braille.uwo.ca]
>> On Behalf Of Tyler Littlefield
>> Sent: March 20, 2009 10:49 AM
>> To: Speakup is a screen review system for Linux.
>> Subject: Re: denyhosts quandry
>>
>> nice. I hadn't had that issue, but then again my apt-get does it all for
>> me.
>>
>> I'm not pacient enough to sit there and wait for openSSH to compile and
>> fight with it on something like slackware, though it would probably  be
>> the
>> prefered method of configuring things. Then I wouldn't be at the mercy of
>> the package maintainers.
>>
>>
>>
>> Thanks,
>> Tyler Littlefield
>> Web: tysdomain.com
>> email: tyler@tysdomain.com
>> My programs don't have bugs, they're called randomly added features.
>>
>> ----- Original Message -----
>> From: "James Homuth" <james@the-jdh.com>
>> To: "'Speakup is a screen review system for Linux.'"
>> <speakup@braille.uwo.ca>
>> Sent: Friday, March 20, 2009 8:44 AM
>> Subject: RE: denyhosts quandry
>>
>>
>>> It doesn't help much. Mine, at least, wouldn't stop asking for a 
>>> password
>>> even if I set SSHD to ask for public key only. So rather than fight with
>>> it,
>>> I recompiled OpenSSH without it.
>>>
>>> -----Original Message-----
>>> From: speakup-bounces@braille.uwo.ca
>>> [mailto:speakup-bounces@braille.uwo.ca]
>>> On Behalf Of Tyler Littlefield
>>> Sent: March 20, 2009 10:03 AM
>>> To: Speakup is a screen review system for Linux.
>>> Subject: Re: denyhosts quandry
>>>
>>> started removing pam? >.>
>>> I've found it has helped me in locking down on security, though I'm not
>>> really sure by how much.
>>>
>>>
>>> Thanks,
>>> Tyler Littlefield
>>> Web: tysdomain.com
>>> email: tyler@tysdomain.com
>>> My programs don't have bugs, they're called randomly added features.
>>>
>>> ----- Original Message ----- 
>>> From: "James Homuth" <james@the-jdh.com>
>>> To: "'Speakup is a screen review system for Linux.'"
>>> <speakup@braille.uwo.ca>
>>> Sent: Friday, March 20, 2009 7:53 AM
>>> Subject: RE: denyhosts quandry
>>>
>>>
>>>> Fail2Ban operates along the same theory as Denyhosts, though. So
>>>> whatever
>>>> regular expression causes Denyhosts to flip out will probably do the
>>>> same
>>>> for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very
>>>> little if any difference. So instead I switched back to Denyhosts and
>>>> started removing PAM from my system.
>>>>
>>>> -----Original Message-----
>>>> From: speakup-bounces@braille.uwo.ca
>>>> [mailto:speakup-bounces@braille.uwo.ca]
>>>> On Behalf Of Kirk Reiser
>>>> Sent: March 20, 2009 8:58 AM
>>>> To: Speakup is a screen review system for Linux.
>>>> Subject: Re: denyhosts quandry
>>>>
>>>> A package I just recently found and have installed on a couple of
>>>> systems
>>>> is
>>>> fail2ban which has a bunch of popular rule sets included and is easily
>>>> expandable by the user.  Basically it parses your systems logs and then
>>>> performas ip blocks with iptables based on your specifications.  It has
>>>> ssh
>>>> buffer overrun pertection built-in by default.  It also has others you
>>>> can
>>>> easily enable.  There's a debian package so I imagine there are 
>>>> packages
>>>> available for other distro's as well.
>>>>
>>>>   Kirk
>>>> --
>>>> Kirk Reiser The Computer Braille Facility
>>>> e-mail: kirk@braille.uwo.ca University of Western Ontario
>>>> phone: (519) 661-3061
>>>> _______________________________________________
>>>> Speakup mailing list
>>>> Speakup@braille.uwo.ca
>>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>>>
>>>> _______________________________________________
>>>> Speakup mailing list
>>>> Speakup@braille.uwo.ca
>>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>>
>>> _______________________________________________
>>> Speakup mailing list
>>> Speakup@braille.uwo.ca
>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>>
>>> _______________________________________________
>>> Speakup mailing list
>>> Speakup@braille.uwo.ca
>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup 

Re: denyhosts quandry

[Gregory Nowak]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, Mar 20, 2009 at 08:49:05AM -0600, Tyler Littlefield wrote:
> Then I wouldn't be at the 
> mercy of the package maintainers.

Huh? Just because you're using a distro with a package manager that
tracks dependencies, and has a bunch of stuff already built as
packages, doesn't mean you're at the mercy of the package
maintainer. If you don't like how a certain package is built, there's
nothing stopping you from using something like apt-build, or apt-src,
to build your own local copy of the package, which is what I've done
in a couple instances.

As for the comment that recompiling is fun, I would have agreed in the
past, but don't agree with that now. When I first got into gnu/linux,
I thought compiling my own software was fun, but it started being a
hassle after about 3 years or so, which is why I went from slackware
to debian. I thought I'd prefer the convenience of just being able to
install a built binary, and that turns out to have been the
case. That's my own opinion of course, and I'm sure there are folks
out there who would enjoy compiling their own software 20 years later,
as much as they enjoyed it on day one. Also, when compiling, it does help too have modern hardware to
do it on, which I don't have currently.

Greg


- -- 
web site: http://www.romuald.net.eu.org
gpg public key: http://www.romuald.net.eu.org/pubkey.asc
skype: gregn1
(authorization required, add me to your contacts list first)

- --
Free domains: http://www.eu.org/ or mail dns-manager@EU.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAknD2f8ACgkQ7s9z/XlyUyAF8wCeIcdcbS2ih9zO8jQRRnssKhoo
OqwAoJBQCZD6gs8iObUag3lfz25/HIvx
=+Kb3
-----END PGP SIGNATURE-----

Re: denyhosts quandry

[Tyler Littlefield]

modern hardware makes a huge difference, which is why I was looking for a 
place to host the mud.
I went from 3 minutes compile time to 20 seconds or so, if that.


Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.

----- Original Message ----- 
From: "Gregory Nowak" <greg@romuald.net.eu.org>
To: "Speakup is a screen review system for Linux." <speakup@braille.uwo.ca>
Sent: Friday, March 20, 2009 12:01 PM
Subject: Re: denyhosts quandry


> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Fri, Mar 20, 2009 at 08:49:05AM -0600, Tyler Littlefield wrote:
>> Then I wouldn't be at the
>> mercy of the package maintainers.
>
> Huh? Just because you're using a distro with a package manager that
> tracks dependencies, and has a bunch of stuff already built as
> packages, doesn't mean you're at the mercy of the package
> maintainer. If you don't like how a certain package is built, there's
> nothing stopping you from using something like apt-build, or apt-src,
> to build your own local copy of the package, which is what I've done
> in a couple instances.
>
> As for the comment that recompiling is fun, I would have agreed in the
> past, but don't agree with that now. When I first got into gnu/linux,
> I thought compiling my own software was fun, but it started being a
> hassle after about 3 years or so, which is why I went from slackware
> to debian. I thought I'd prefer the convenience of just being able to
> install a built binary, and that turns out to have been the
> case. That's my own opinion of course, and I'm sure there are folks
> out there who would enjoy compiling their own software 20 years later,
> as much as they enjoyed it on day one. Also, when compiling, it does help 
> too have modern hardware to
> do it on, which I don't have currently.
>
> Greg
>
>
> - -- 
> web site: http://www.romuald.net.eu.org
> gpg public key: http://www.romuald.net.eu.org/pubkey.asc
> skype: gregn1
> (authorization required, add me to your contacts list first)
>
> - --
> Free domains: http://www.eu.org/ or mail dns-manager@EU.org
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
>
> iEYEARECAAYFAknD2f8ACgkQ7s9z/XlyUyAF8wCeIcdcbS2ih9zO8jQRRnssKhoo
> OqwAoJBQCZD6gs8iObUag3lfz25/HIvx
> =+Kb3
> -----END PGP SIGNATURE-----
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup 

Re: denyhosts quandry

[farhan]

Hello, I am running ubuntu 8.10, and I tried to compile portaudio 19, I 
had to fight with it to get it to compile, or at least espeak to compile 
using portaudio 19.
all this crap about linking espeak to the right portaudio, why can't 
espeak just compile and work, in any case, the 9.04 upgrade will 
probably break my switch over to alsa and i'll just switch to arch 
eventually.


On 03/20/2009 09:55 AM, James Homuth wrote:
> There's probably a configuration directive you can change to turn it off,
> even if it *is* listed as a dependancy. But Gentoo gives me that level of
> customization, so I figure I might as well use it. That, plus sometimes,
> it's just fun to recompile.
>
> -----Original Message-----
> From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca]
> On Behalf Of Tyler Littlefield
> Sent: March 20, 2009 10:49 AM
> To: Speakup is a screen review system for Linux.
> Subject: Re: denyhosts quandry
>
> nice. I hadn't had that issue, but then again my apt-get does it all for me.
>
> I'm not pacient enough to sit there and wait for openSSH to compile and
> fight with it on something like slackware, though it would probably  be the
> prefered method of configuring things. Then I wouldn't be at the mercy of
> the package maintainers.
>
>
>
> Thanks,
> Tyler Littlefield
> Web: tysdomain.com
> email: tyler@tysdomain.com
> My programs don't have bugs, they're called randomly added features.
>
> ----- Original Message -----
> From: "James Homuth"<james@the-jdh.com>
> To: "'Speakup is a screen review system for Linux.'"
> <speakup@braille.uwo.ca>
> Sent: Friday, March 20, 2009 8:44 AM
> Subject: RE: denyhosts quandry
>
>
>    
>> It doesn't help much. Mine, at least, wouldn't stop asking for a password
>> even if I set SSHD to ask for public key only. So rather than fight with
>> it,
>> I recompiled OpenSSH without it.
>>
>> -----Original Message-----
>> From: speakup-bounces@braille.uwo.ca
>> [mailto:speakup-bounces@braille.uwo.ca]
>> On Behalf Of Tyler Littlefield
>> Sent: March 20, 2009 10:03 AM
>> To: Speakup is a screen review system for Linux.
>> Subject: Re: denyhosts quandry
>>
>> started removing pam?>.>
>> I've found it has helped me in locking down on security, though I'm not
>> really sure by how much.
>>
>>
>> Thanks,
>> Tyler Littlefield
>> Web: tysdomain.com
>> email: tyler@tysdomain.com
>> My programs don't have bugs, they're called randomly added features.
>>
>> ----- Original Message -----
>> From: "James Homuth"<james@the-jdh.com>
>> To: "'Speakup is a screen review system for Linux.'"
>> <speakup@braille.uwo.ca>
>> Sent: Friday, March 20, 2009 7:53 AM
>> Subject: RE: denyhosts quandry
>>
>>
>>      
>>> Fail2Ban operates along the same theory as Denyhosts, though. So whatever
>>> regular expression causes Denyhosts to flip out will probably do the same
>>> for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very
>>> little if any difference. So instead I switched back to Denyhosts and
>>> started removing PAM from my system.
>>>
>>> -----Original Message-----
>>> From: speakup-bounces@braille.uwo.ca
>>> [mailto:speakup-bounces@braille.uwo.ca]
>>> On Behalf Of Kirk Reiser
>>> Sent: March 20, 2009 8:58 AM
>>> To: Speakup is a screen review system for Linux.
>>> Subject: Re: denyhosts quandry
>>>
>>> A package I just recently found and have installed on a couple of systems
>>> is
>>> fail2ban which has a bunch of popular rule sets included and is easily
>>> expandable by the user.  Basically it parses your systems logs and then
>>> performas ip blocks with iptables based on your specifications.  It has
>>> ssh
>>> buffer overrun pertection built-in by default.  It also has others you
>>> can
>>> easily enable.  There's a debian package so I imagine there are packages
>>> available for other distro's as well.
>>>
>>>    Kirk
>>> --
>>> Kirk Reiser The Computer Braille Facility
>>> e-mail: kirk@braille.uwo.ca University of Western Ontario
>>> phone: (519) 661-3061
>>> _______________________________________________
>>> Speakup mailing list
>>> Speakup@braille.uwo.ca
>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>>
>>> _______________________________________________
>>> Speakup mailing list
>>> Speakup@braille.uwo.ca
>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>>        
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>      
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
>    

Re: denyhosts quandry

[Gregory Nowak]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, Mar 20, 2009 at 03:56:07PM -0500, farhan wrote:
> Hello, I am running ubuntu 8.10, and I tried to compile portaudio 19, I  
> had to fight with it to get it to compile, or at least espeak to compile  
> using portaudio 19.

Ubuntu is a debian-based distribution, so it should have the same
packages as debian available. So, I'm curious why you had to compile
portaudio 19 and espeak, when both are available in debian as
packages, and therefore I'd assume should also be available in ubuntu?

> all this crap about linking espeak to the right portaudio, why can't  
> espeak just compile and work,

Because, as I understand, espeak needs portaudio to be a
cross-platform tts engine. Removing portaudio would mean writing code
to use the audio hardware separately for gnu/linux, windows, and
anything else on which espeak runs and talks on through the sound system.

Greg


- -- 
web site: http://www.romuald.net.eu.org
gpg public key: http://www.romuald.net.eu.org/pubkey.asc
skype: gregn1
(authorization required, add me to your contacts list first)

- --
Free domains: http://www.eu.org/ or mail dns-manager@EU.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAknEBsIACgkQ7s9z/XlyUyDqKQCfZTNo/wvCIk0T8b/BYmdav4l3
FHsAnRYWp7F/cSQsh18JXSX2xGzRjUbo
=Krot
-----END PGP SIGNATURE-----

Re: denyhosts quandry

[Tyler Littlefield]

someone on here mentioned using public and private key pairs.
I've now got that set up, and have disabled password authentication.
How secure is this--in other words, am I going to need denyhosts working 
still?
Is this something that can be cracked by some script kiddy with to much 
time?


Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.

----- Original Message ----- 
From: "James Homuth" <james@the-jdh.com>
To: "'Speakup is a screen review system for Linux.'" 
<speakup@braille.uwo.ca>
Sent: Friday, March 20, 2009 1:21 AM
Subject: RE: denyhosts quandry


> Before you start looking for an app to blame, check the logs. Open a SSH
> session, tail -F /bath/to/ssh.log, then load WinSCP. Then you'll know
> precisely what's causing Denyhosts to freak out.
>
> -----Original Message-----
> From: speakup-bounces@braille.uwo.ca 
> [mailto:speakup-bounces@braille.uwo.ca]
> On Behalf Of Tyler Littlefield
> Sent: March 19, 2009 10:26 PM
> To: Speakup is a screen review system for Linux.
> Subject: denyhosts quandry
>
> Hello list,
> I have a quick question.
> I am running denyhosts on my linux system, to try to keep out attackers 
> from
> running a password cracker on my ssh.
> It's caught a few, but it seems to be screaming when I log in with win 
> SCP.
> Basically, every time I log in, it just blocks my host out.
> Is there a way I can either get it to stop, or possibly set it to not 
> block
> that host?
> I'm not sure why WIN SCP would trigger a denyhosts, as as far as I know, 
> it
> runs when a password is incorrect.
> Unless win SCP sends an invalid login for some reason first, or something 
> of
> that sort.
>
>
> Thanks,
> Tyler Littlefield
> Web: tysdomain.com
> email: tyler@tysdomain.com
> My programs don't have bugs, they're called randomly added features.
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup 

RE: denyhosts quandry

[James Homuth]

The keys themselves are encripted, so it's extremely unlikely someone's
going to break the encription. That's also why there are two keys.
-----Original Message-----
From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca]
On Behalf Of Tyler Littlefield
Sent: March 20, 2009 7:00 PM
To: Speakup is a screen review system for Linux.
Subject: Re: denyhosts quandry

someone on here mentioned using public and private key pairs.
I've now got that set up, and have disabled password authentication.
How secure is this--in other words, am I going to need denyhosts working
still?
Is this something that can be cracked by some script kiddy with to much
time?


Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.

----- Original Message -----
From: "James Homuth" <james@the-jdh.com>
To: "'Speakup is a screen review system for Linux.'" 
<speakup@braille.uwo.ca>
Sent: Friday, March 20, 2009 1:21 AM
Subject: RE: denyhosts quandry


> Before you start looking for an app to blame, check the logs. Open a SSH
> session, tail -F /bath/to/ssh.log, then load WinSCP. Then you'll know
> precisely what's causing Denyhosts to freak out.
>
> -----Original Message-----
> From: speakup-bounces@braille.uwo.ca 
> [mailto:speakup-bounces@braille.uwo.ca]
> On Behalf Of Tyler Littlefield
> Sent: March 19, 2009 10:26 PM
> To: Speakup is a screen review system for Linux.
> Subject: denyhosts quandry
>
> Hello list,
> I have a quick question.
> I am running denyhosts on my linux system, to try to keep out attackers 
> from
> running a password cracker on my ssh.
> It's caught a few, but it seems to be screaming when I log in with win 
> SCP.
> Basically, every time I log in, it just blocks my host out.
> Is there a way I can either get it to stop, or possibly set it to not 
> block
> that host?
> I'm not sure why WIN SCP would trigger a denyhosts, as as far as I know, 
> it
> runs when a password is incorrect.
> Unless win SCP sends an invalid login for some reason first, or something 
> of
> that sort.
>
>
> Thanks,
> Tyler Littlefield
> Web: tysdomain.com
> email: tyler@tysdomain.com
> My programs don't have bugs, they're called randomly added features.
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup 

_______________________________________________
Speakup mailing list
Speakup@braille.uwo.ca
http://speech.braille.uwo.ca/mailman/listinfo/speakup

Re: denyhosts quandry

[Tyler Littlefield]

gotcha. thanks.
I understand the signing of private key and of another partie's public key 
(thanks to littlebrother) , but I wasn't sure how ssh did it.

Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.

----- Original Message ----- 
From: "James Homuth" <james@the-jdh.com>
To: "'Speakup is a screen review system for Linux.'" 
<speakup@braille.uwo.ca>
Sent: Friday, March 20, 2009 5:54 PM
Subject: RE: denyhosts quandry


> The keys themselves are encripted, so it's extremely unlikely someone's
> going to break the encription. That's also why there are two keys.
> -----Original Message-----
> From: speakup-bounces@braille.uwo.ca 
> [mailto:speakup-bounces@braille.uwo.ca]
> On Behalf Of Tyler Littlefield
> Sent: March 20, 2009 7:00 PM
> To: Speakup is a screen review system for Linux.
> Subject: Re: denyhosts quandry
>
> someone on here mentioned using public and private key pairs.
> I've now got that set up, and have disabled password authentication.
> How secure is this--in other words, am I going to need denyhosts working
> still?
> Is this something that can be cracked by some script kiddy with to much
> time?
>
>
> Thanks,
> Tyler Littlefield
> Web: tysdomain.com
> email: tyler@tysdomain.com
> My programs don't have bugs, they're called randomly added features.
>
> ----- Original Message -----
> From: "James Homuth" <james@the-jdh.com>
> To: "'Speakup is a screen review system for Linux.'"
> <speakup@braille.uwo.ca>
> Sent: Friday, March 20, 2009 1:21 AM
> Subject: RE: denyhosts quandry
>
>
>> Before you start looking for an app to blame, check the logs. Open a SSH
>> session, tail -F /bath/to/ssh.log, then load WinSCP. Then you'll know
>> precisely what's causing Denyhosts to freak out.
>>
>> -----Original Message-----
>> From: speakup-bounces@braille.uwo.ca
>> [mailto:speakup-bounces@braille.uwo.ca]
>> On Behalf Of Tyler Littlefield
>> Sent: March 19, 2009 10:26 PM
>> To: Speakup is a screen review system for Linux.
>> Subject: denyhosts quandry
>>
>> Hello list,
>> I have a quick question.
>> I am running denyhosts on my linux system, to try to keep out attackers
>> from
>> running a password cracker on my ssh.
>> It's caught a few, but it seems to be screaming when I log in with win
>> SCP.
>> Basically, every time I log in, it just blocks my host out.
>> Is there a way I can either get it to stop, or possibly set it to not
>> block
>> that host?
>> I'm not sure why WIN SCP would trigger a denyhosts, as as far as I know,
>> it
>> runs when a password is incorrect.
>> Unless win SCP sends an invalid login for some reason first, or something
>> of
>> that sort.
>>
>>
>> Thanks,
>> Tyler Littlefield
>> Web: tysdomain.com
>> email: tyler@tysdomain.com
>> My programs don't have bugs, they're called randomly added features.
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup 

Re: denyhosts quandry

[Jayson Smith]

Public key authentication is, as I understand it, extremely secure. If 
someone doesn't have your private key, chances are that they won't be 
getting in, no matter how much they try. Unfortunately, it also involves an 
element of risk. Assuming you've disabled password authentication, if you 
should ever lose your private key, you won't be getting in either. So be 
sure and have several backups of your keypair, and in particular, your 
private key, since without it, your system will be locked down to even you. 
Just don't let it fall into the wrong hands.
Jayson

----- Original Message ----- 
From: "Tyler Littlefield" <tyler@tysdomain.com>
To: "Speakup is a screen review system for Linux." <speakup@braille.uwo.ca>
Sent: Friday, March 20, 2009 7:00 PM
Subject: Re: denyhosts quandry


> someone on here mentioned using public and private key pairs.
> I've now got that set up, and have disabled password authentication.
> How secure is this--in other words, am I going to need denyhosts working 
> still?
> Is this something that can be cracked by some script kiddy with to much 
> time?
>
>
> Thanks,
> Tyler Littlefield
> Web: tysdomain.com
> email: tyler@tysdomain.com
> My programs don't have bugs, they're called randomly added features.
>
> ----- Original Message ----- 
> From: "James Homuth" <james@the-jdh.com>
> To: "'Speakup is a screen review system for Linux.'" 
> <speakup@braille.uwo.ca>
> Sent: Friday, March 20, 2009 1:21 AM
> Subject: RE: denyhosts quandry
>
>
>> Before you start looking for an app to blame, check the logs. Open a SSH
>> session, tail -F /bath/to/ssh.log, then load WinSCP. Then you'll know
>> precisely what's causing Denyhosts to freak out.
>>
>> -----Original Message-----
>> From: speakup-bounces@braille.uwo.ca 
>> [mailto:speakup-bounces@braille.uwo.ca]
>> On Behalf Of Tyler Littlefield
>> Sent: March 19, 2009 10:26 PM
>> To: Speakup is a screen review system for Linux.
>> Subject: denyhosts quandry
>>
>> Hello list,
>> I have a quick question.
>> I am running denyhosts on my linux system, to try to keep out attackers 
>> from
>> running a password cracker on my ssh.
>> It's caught a few, but it seems to be screaming when I log in with win 
>> SCP.
>> Basically, every time I log in, it just blocks my host out.
>> Is there a way I can either get it to stop, or possibly set it to not 
>> block
>> that host?
>> I'm not sure why WIN SCP would trigger a denyhosts, as as far as I know, 
>> it
>> runs when a password is incorrect.
>> Unless win SCP sends an invalid login for some reason first, or something 
>> of
>> that sort.
>>
>>
>> Thanks,
>> Tyler Littlefield
>> Web: tysdomain.com
>> email: tyler@tysdomain.com
>> My programs don't have bugs, they're called randomly added features.
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup 

Re: denyhosts quandry

[Tyler Littlefield]

thanks; my private and public key pairs are stored on my thumb drive, so I 
keep them where ever I go. :)


Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler@tysdomain.com
My programs don't have bugs, they're called randomly added features.

----- Original Message ----- 
From: "Jayson Smith" <jaybird@bluegrasspals.com>
To: "Speakup is a screen review system for Linux." <speakup@braille.uwo.ca>
Sent: Friday, March 20, 2009 7:46 PM
Subject: Re: denyhosts quandry


> Public key authentication is, as I understand it, extremely secure. If 
> someone doesn't have your private key, chances are that they won't be 
> getting in, no matter how much they try. Unfortunately, it also involves 
> an element of risk. Assuming you've disabled password authentication, if 
> you should ever lose your private key, you won't be getting in either. So 
> be sure and have several backups of your keypair, and in particular, your 
> private key, since without it, your system will be locked down to even 
> you. Just don't let it fall into the wrong hands.
> Jayson
>
> ----- Original Message ----- 
> From: "Tyler Littlefield" <tyler@tysdomain.com>
> To: "Speakup is a screen review system for Linux." 
> <speakup@braille.uwo.ca>
> Sent: Friday, March 20, 2009 7:00 PM
> Subject: Re: denyhosts quandry
>
>
>> someone on here mentioned using public and private key pairs.
>> I've now got that set up, and have disabled password authentication.
>> How secure is this--in other words, am I going to need denyhosts working 
>> still?
>> Is this something that can be cracked by some script kiddy with to much 
>> time?
>>
>>
>> Thanks,
>> Tyler Littlefield
>> Web: tysdomain.com
>> email: tyler@tysdomain.com
>> My programs don't have bugs, they're called randomly added features.
>>
>> ----- Original Message ----- 
>> From: "James Homuth" <james@the-jdh.com>
>> To: "'Speakup is a screen review system for Linux.'" 
>> <speakup@braille.uwo.ca>
>> Sent: Friday, March 20, 2009 1:21 AM
>> Subject: RE: denyhosts quandry
>>
>>
>>> Before you start looking for an app to blame, check the logs. Open a SSH
>>> session, tail -F /bath/to/ssh.log, then load WinSCP. Then you'll know
>>> precisely what's causing Denyhosts to freak out.
>>>
>>> -----Original Message-----
>>> From: speakup-bounces@braille.uwo.ca 
>>> [mailto:speakup-bounces@braille.uwo.ca]
>>> On Behalf Of Tyler Littlefield
>>> Sent: March 19, 2009 10:26 PM
>>> To: Speakup is a screen review system for Linux.
>>> Subject: denyhosts quandry
>>>
>>> Hello list,
>>> I have a quick question.
>>> I am running denyhosts on my linux system, to try to keep out attackers 
>>> from
>>> running a password cracker on my ssh.
>>> It's caught a few, but it seems to be screaming when I log in with win 
>>> SCP.
>>> Basically, every time I log in, it just blocks my host out.
>>> Is there a way I can either get it to stop, or possibly set it to not 
>>> block
>>> that host?
>>> I'm not sure why WIN SCP would trigger a denyhosts, as as far as I know, 
>>> it
>>> runs when a password is incorrect.
>>> Unless win SCP sends an invalid login for some reason first, or 
>>> something of
>>> that sort.
>>>
>>>
>>> Thanks,
>>> Tyler Littlefield
>>> Web: tysdomain.com
>>> email: tyler@tysdomain.com
>>> My programs don't have bugs, they're called randomly added features.
>>> _______________________________________________
>>> Speakup mailing list
>>> Speakup@braille.uwo.ca
>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>>
>>> _______________________________________________
>>> Speakup mailing list
>>> Speakup@braille.uwo.ca
>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup