* denyhosts quandry @ Tyler Littlefield ` Chris Brannon ` James Homuth 0 siblings, 2 replies; 25+ messages in thread From: Tyler Littlefield @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. Hello list, I have a quick question. I am running denyhosts on my linux system, to try to keep out attackers from running a password cracker on my ssh. It's caught a few, but it seems to be screaming when I log in with win SCP. Basically, every time I log in, it just blocks my host out. Is there a way I can either get it to stop, or possibly set it to not block that host? I'm not sure why WIN SCP would trigger a denyhosts, as as far as I know, it runs when a password is incorrect. Unless win SCP sends an invalid login for some reason first, or something of that sort. Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry denyhosts quandry Tyler Littlefield @ ` Chris Brannon ` Tyler Littlefield ` James Homuth 1 sibling, 1 reply; 25+ messages in thread From: Chris Brannon @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. > I am running denyhosts on my linux system, to try to keep out attackers from > running a password cracker on my ssh. There is a really easy way to protect ssh from password attacks. Only allow public-key authentication. Require that people authenticate with a key when connecting, and disallow password-based authentication. See your local ssh_config manpage. -- Chris ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry ` Chris Brannon @ ` Tyler Littlefield 0 siblings, 0 replies; 25+ messages in thread From: Tyler Littlefield @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. that would kill win SCP, which is my local editor, or I'd be up for that. Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. ----- Original Message ----- From: "Chris Brannon" <cmbrannon@cox.net> To: "Speakup is a screen review system for Linux." <speakup@braille.uwo.ca> Sent: Thursday, March 19, 2009 8:42 PM Subject: Re: denyhosts quandry >> I am running denyhosts on my linux system, to try to keep out attackers >> from >> running a password cracker on my ssh. > > There is a really easy way to protect ssh from password attacks. > Only allow public-key authentication. > Require that people authenticate with a key when connecting, and disallow > password-based authentication. > See your local ssh_config manpage. > > -- Chris > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* RE: denyhosts quandry denyhosts quandry Tyler Littlefield ` Chris Brannon @ ` James Homuth ` Kirk Reiser ` (2 more replies) 1 sibling, 3 replies; 25+ messages in thread From: James Homuth @ UTC (permalink / raw) To: 'Speakup is a screen review system for Linux.' Before you start looking for an app to blame, check the logs. Open a SSH session, tail -F /bath/to/ssh.log, then load WinSCP. Then you'll know precisely what's causing Denyhosts to freak out. -----Original Message----- From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca] On Behalf Of Tyler Littlefield Sent: March 19, 2009 10:26 PM To: Speakup is a screen review system for Linux. Subject: denyhosts quandry Hello list, I have a quick question. I am running denyhosts on my linux system, to try to keep out attackers from running a password cracker on my ssh. It's caught a few, but it seems to be screaming when I log in with win SCP. Basically, every time I log in, it just blocks my host out. Is there a way I can either get it to stop, or possibly set it to not block that host? I'm not sure why WIN SCP would trigger a denyhosts, as as far as I know, it runs when a password is incorrect. Unless win SCP sends an invalid login for some reason first, or something of that sort. Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. _______________________________________________ Speakup mailing list Speakup@braille.uwo.ca http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry ` James Homuth @ ` Kirk Reiser ` Tom Moore ` (2 more replies) ` Tyler Littlefield ` Tyler Littlefield 2 siblings, 3 replies; 25+ messages in thread From: Kirk Reiser @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. A package I just recently found and have installed on a couple of systems is fail2ban which has a bunch of popular rule sets included and is easily expandable by the user. Basically it parses your systems logs and then performas ip blocks with iptables based on your specifications. It has ssh buffer overrun pertection built-in by default. It also has others you can easily enable. There's a debian package so I imagine there are packages available for other distro's as well. Kirk -- Kirk Reiser The Computer Braille Facility e-mail: kirk@braille.uwo.ca University of Western Ontario phone: (519) 661-3061 ^ permalink raw reply [flat|nested] 25+ messages in thread
* RE: denyhosts quandry ` Kirk Reiser @ ` Tom Moore ` Tyler Littlefield ` James Homuth 2 siblings, 0 replies; 25+ messages in thread From: Tom Moore @ UTC (permalink / raw) To: 'Speakup is a screen review system for Linux.' I second the fail2ban suggestion. It's a nice program that will probably do what you want. Tom -----Original Message----- From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca] On Behalf Of Kirk Reiser Sent: Friday, March 20, 2009 8:58 AM To: Speakup is a screen review system for Linux. Subject: Re: denyhosts quandry A package I just recently found and have installed on a couple of systems is fail2ban which has a bunch of popular rule sets included and is easily expandable by the user. Basically it parses your systems logs and then performas ip blocks with iptables based on your specifications. It has ssh buffer overrun pertection built-in by default. It also has others you can easily enable. There's a debian package so I imagine there are packages available for other distro's as well. Kirk -- Kirk Reiser The Computer Braille Facility e-mail: kirk@braille.uwo.ca University of Western Ontario phone: (519) 661-3061 _______________________________________________ Speakup mailing list Speakup@braille.uwo.ca http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry ` Kirk Reiser ` Tom Moore @ ` Tyler Littlefield ` James Homuth 2 siblings, 0 replies; 25+ messages in thread From: Tyler Littlefield @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. wow. nice, I'll take a look at it. Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. ----- Original Message ----- From: "Kirk Reiser" <kirk@braille.uwo.ca> To: "Speakup is a screen review system for Linux." <speakup@braille.uwo.ca> Sent: Friday, March 20, 2009 6:57 AM Subject: Re: denyhosts quandry >A package I just recently found and have installed on a couple of > systems is fail2ban which has a bunch of popular rule sets included > and is easily expandable by the user. Basically it parses your > systems logs and then performas ip blocks with iptables based on your > specifications. It has ssh buffer overrun pertection built-in by > default. It also has others you can easily enable. There's a debian > package so I imagine there are packages available for other distro's > as well. > > Kirk > -- > Kirk Reiser The Computer Braille Facility > e-mail: kirk@braille.uwo.ca University of Western Ontario > phone: (519) 661-3061 > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* RE: denyhosts quandry ` Kirk Reiser ` Tom Moore ` Tyler Littlefield @ ` James Homuth ` Tyler Littlefield 2 siblings, 1 reply; 25+ messages in thread From: James Homuth @ UTC (permalink / raw) To: 'Speakup is a screen review system for Linux.' Fail2Ban operates along the same theory as Denyhosts, though. So whatever regular expression causes Denyhosts to flip out will probably do the same for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very little if any difference. So instead I switched back to Denyhosts and started removing PAM from my system. -----Original Message----- From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca] On Behalf Of Kirk Reiser Sent: March 20, 2009 8:58 AM To: Speakup is a screen review system for Linux. Subject: Re: denyhosts quandry A package I just recently found and have installed on a couple of systems is fail2ban which has a bunch of popular rule sets included and is easily expandable by the user. Basically it parses your systems logs and then performas ip blocks with iptables based on your specifications. It has ssh buffer overrun pertection built-in by default. It also has others you can easily enable. There's a debian package so I imagine there are packages available for other distro's as well. Kirk -- Kirk Reiser The Computer Braille Facility e-mail: kirk@braille.uwo.ca University of Western Ontario phone: (519) 661-3061 _______________________________________________ Speakup mailing list Speakup@braille.uwo.ca http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry ` James Homuth @ ` Tyler Littlefield ` James Homuth 0 siblings, 1 reply; 25+ messages in thread From: Tyler Littlefield @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. started removing pam? >.> I've found it has helped me in locking down on security, though I'm not really sure by how much. Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. ----- Original Message ----- From: "James Homuth" <james@the-jdh.com> To: "'Speakup is a screen review system for Linux.'" <speakup@braille.uwo.ca> Sent: Friday, March 20, 2009 7:53 AM Subject: RE: denyhosts quandry > Fail2Ban operates along the same theory as Denyhosts, though. So whatever > regular expression causes Denyhosts to flip out will probably do the same > for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very > little if any difference. So instead I switched back to Denyhosts and > started removing PAM from my system. > > -----Original Message----- > From: speakup-bounces@braille.uwo.ca > [mailto:speakup-bounces@braille.uwo.ca] > On Behalf Of Kirk Reiser > Sent: March 20, 2009 8:58 AM > To: Speakup is a screen review system for Linux. > Subject: Re: denyhosts quandry > > A package I just recently found and have installed on a couple of systems > is > fail2ban which has a bunch of popular rule sets included and is easily > expandable by the user. Basically it parses your systems logs and then > performas ip blocks with iptables based on your specifications. It has > ssh > buffer overrun pertection built-in by default. It also has others you can > easily enable. There's a debian package so I imagine there are packages > available for other distro's as well. > > Kirk > -- > Kirk Reiser The Computer Braille Facility > e-mail: kirk@braille.uwo.ca University of Western Ontario > phone: (519) 661-3061 > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* RE: denyhosts quandry ` Tyler Littlefield @ ` James Homuth ` Tyler Littlefield 0 siblings, 1 reply; 25+ messages in thread From: James Homuth @ UTC (permalink / raw) To: 'Speakup is a screen review system for Linux.' It doesn't help much. Mine, at least, wouldn't stop asking for a password even if I set SSHD to ask for public key only. So rather than fight with it, I recompiled OpenSSH without it. -----Original Message----- From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca] On Behalf Of Tyler Littlefield Sent: March 20, 2009 10:03 AM To: Speakup is a screen review system for Linux. Subject: Re: denyhosts quandry started removing pam? >.> I've found it has helped me in locking down on security, though I'm not really sure by how much. Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. ----- Original Message ----- From: "James Homuth" <james@the-jdh.com> To: "'Speakup is a screen review system for Linux.'" <speakup@braille.uwo.ca> Sent: Friday, March 20, 2009 7:53 AM Subject: RE: denyhosts quandry > Fail2Ban operates along the same theory as Denyhosts, though. So whatever > regular expression causes Denyhosts to flip out will probably do the same > for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very > little if any difference. So instead I switched back to Denyhosts and > started removing PAM from my system. > > -----Original Message----- > From: speakup-bounces@braille.uwo.ca > [mailto:speakup-bounces@braille.uwo.ca] > On Behalf Of Kirk Reiser > Sent: March 20, 2009 8:58 AM > To: Speakup is a screen review system for Linux. > Subject: Re: denyhosts quandry > > A package I just recently found and have installed on a couple of systems > is > fail2ban which has a bunch of popular rule sets included and is easily > expandable by the user. Basically it parses your systems logs and then > performas ip blocks with iptables based on your specifications. It has > ssh > buffer overrun pertection built-in by default. It also has others you can > easily enable. There's a debian package so I imagine there are packages > available for other distro's as well. > > Kirk > -- > Kirk Reiser The Computer Braille Facility > e-mail: kirk@braille.uwo.ca University of Western Ontario > phone: (519) 661-3061 > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup _______________________________________________ Speakup mailing list Speakup@braille.uwo.ca http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry ` James Homuth @ ` Tyler Littlefield ` James Homuth ` Gregory Nowak 0 siblings, 2 replies; 25+ messages in thread From: Tyler Littlefield @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. nice. I hadn't had that issue, but then again my apt-get does it all for me. I'm not pacient enough to sit there and wait for openSSH to compile and fight with it on something like slackware, though it would probably be the prefered method of configuring things. Then I wouldn't be at the mercy of the package maintainers. Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. ----- Original Message ----- From: "James Homuth" <james@the-jdh.com> To: "'Speakup is a screen review system for Linux.'" <speakup@braille.uwo.ca> Sent: Friday, March 20, 2009 8:44 AM Subject: RE: denyhosts quandry > It doesn't help much. Mine, at least, wouldn't stop asking for a password > even if I set SSHD to ask for public key only. So rather than fight with > it, > I recompiled OpenSSH without it. > > -----Original Message----- > From: speakup-bounces@braille.uwo.ca > [mailto:speakup-bounces@braille.uwo.ca] > On Behalf Of Tyler Littlefield > Sent: March 20, 2009 10:03 AM > To: Speakup is a screen review system for Linux. > Subject: Re: denyhosts quandry > > started removing pam? >.> > I've found it has helped me in locking down on security, though I'm not > really sure by how much. > > > Thanks, > Tyler Littlefield > Web: tysdomain.com > email: tyler@tysdomain.com > My programs don't have bugs, they're called randomly added features. > > ----- Original Message ----- > From: "James Homuth" <james@the-jdh.com> > To: "'Speakup is a screen review system for Linux.'" > <speakup@braille.uwo.ca> > Sent: Friday, March 20, 2009 7:53 AM > Subject: RE: denyhosts quandry > > >> Fail2Ban operates along the same theory as Denyhosts, though. So whatever >> regular expression causes Denyhosts to flip out will probably do the same >> for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very >> little if any difference. So instead I switched back to Denyhosts and >> started removing PAM from my system. >> >> -----Original Message----- >> From: speakup-bounces@braille.uwo.ca >> [mailto:speakup-bounces@braille.uwo.ca] >> On Behalf Of Kirk Reiser >> Sent: March 20, 2009 8:58 AM >> To: Speakup is a screen review system for Linux. >> Subject: Re: denyhosts quandry >> >> A package I just recently found and have installed on a couple of systems >> is >> fail2ban which has a bunch of popular rule sets included and is easily >> expandable by the user. Basically it parses your systems logs and then >> performas ip blocks with iptables based on your specifications. It has >> ssh >> buffer overrun pertection built-in by default. It also has others you >> can >> easily enable. There's a debian package so I imagine there are packages >> available for other distro's as well. >> >> Kirk >> -- >> Kirk Reiser The Computer Braille Facility >> e-mail: kirk@braille.uwo.ca University of Western Ontario >> phone: (519) 661-3061 >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup >> >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* RE: denyhosts quandry ` Tyler Littlefield @ ` James Homuth ` Tyler Littlefield ` farhan ` Gregory Nowak 1 sibling, 2 replies; 25+ messages in thread From: James Homuth @ UTC (permalink / raw) To: 'Speakup is a screen review system for Linux.' There's probably a configuration directive you can change to turn it off, even if it *is* listed as a dependancy. But Gentoo gives me that level of customization, so I figure I might as well use it. That, plus sometimes, it's just fun to recompile. -----Original Message----- From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca] On Behalf Of Tyler Littlefield Sent: March 20, 2009 10:49 AM To: Speakup is a screen review system for Linux. Subject: Re: denyhosts quandry nice. I hadn't had that issue, but then again my apt-get does it all for me. I'm not pacient enough to sit there and wait for openSSH to compile and fight with it on something like slackware, though it would probably be the prefered method of configuring things. Then I wouldn't be at the mercy of the package maintainers. Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. ----- Original Message ----- From: "James Homuth" <james@the-jdh.com> To: "'Speakup is a screen review system for Linux.'" <speakup@braille.uwo.ca> Sent: Friday, March 20, 2009 8:44 AM Subject: RE: denyhosts quandry > It doesn't help much. Mine, at least, wouldn't stop asking for a password > even if I set SSHD to ask for public key only. So rather than fight with > it, > I recompiled OpenSSH without it. > > -----Original Message----- > From: speakup-bounces@braille.uwo.ca > [mailto:speakup-bounces@braille.uwo.ca] > On Behalf Of Tyler Littlefield > Sent: March 20, 2009 10:03 AM > To: Speakup is a screen review system for Linux. > Subject: Re: denyhosts quandry > > started removing pam? >.> > I've found it has helped me in locking down on security, though I'm not > really sure by how much. > > > Thanks, > Tyler Littlefield > Web: tysdomain.com > email: tyler@tysdomain.com > My programs don't have bugs, they're called randomly added features. > > ----- Original Message ----- > From: "James Homuth" <james@the-jdh.com> > To: "'Speakup is a screen review system for Linux.'" > <speakup@braille.uwo.ca> > Sent: Friday, March 20, 2009 7:53 AM > Subject: RE: denyhosts quandry > > >> Fail2Ban operates along the same theory as Denyhosts, though. So whatever >> regular expression causes Denyhosts to flip out will probably do the same >> for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very >> little if any difference. So instead I switched back to Denyhosts and >> started removing PAM from my system. >> >> -----Original Message----- >> From: speakup-bounces@braille.uwo.ca >> [mailto:speakup-bounces@braille.uwo.ca] >> On Behalf Of Kirk Reiser >> Sent: March 20, 2009 8:58 AM >> To: Speakup is a screen review system for Linux. >> Subject: Re: denyhosts quandry >> >> A package I just recently found and have installed on a couple of systems >> is >> fail2ban which has a bunch of popular rule sets included and is easily >> expandable by the user. Basically it parses your systems logs and then >> performas ip blocks with iptables based on your specifications. It has >> ssh >> buffer overrun pertection built-in by default. It also has others you >> can >> easily enable. There's a debian package so I imagine there are packages >> available for other distro's as well. >> >> Kirk >> -- >> Kirk Reiser The Computer Braille Facility >> e-mail: kirk@braille.uwo.ca University of Western Ontario >> phone: (519) 661-3061 >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup >> >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup _______________________________________________ Speakup mailing list Speakup@braille.uwo.ca http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry ` James Homuth @ ` Tyler Littlefield ` James Homuth ` farhan 1 sibling, 1 reply; 25+ messages in thread From: Tyler Littlefield @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. >That, plus sometimes, >it's just fun to recompile. I scream and throw a fit every time I have to recompile. :) actually I like changing configuration around, I really scream when it breaks and I see the lovely "segmentation fault." :) Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. ----- Original Message ----- From: "James Homuth" <james@the-jdh.com> To: "'Speakup is a screen review system for Linux.'" <speakup@braille.uwo.ca> Sent: Friday, March 20, 2009 8:55 AM Subject: RE: denyhosts quandry > There's probably a configuration directive you can change to turn it off, > even if it *is* listed as a dependancy. But Gentoo gives me that level of > customization, so I figure I might as well use it. That, plus sometimes, > it's just fun to recompile. > > -----Original Message----- > From: speakup-bounces@braille.uwo.ca > [mailto:speakup-bounces@braille.uwo.ca] > On Behalf Of Tyler Littlefield > Sent: March 20, 2009 10:49 AM > To: Speakup is a screen review system for Linux. > Subject: Re: denyhosts quandry > > nice. I hadn't had that issue, but then again my apt-get does it all for > me. > > I'm not pacient enough to sit there and wait for openSSH to compile and > fight with it on something like slackware, though it would probably be > the > prefered method of configuring things. Then I wouldn't be at the mercy of > the package maintainers. > > > > Thanks, > Tyler Littlefield > Web: tysdomain.com > email: tyler@tysdomain.com > My programs don't have bugs, they're called randomly added features. > > ----- Original Message ----- > From: "James Homuth" <james@the-jdh.com> > To: "'Speakup is a screen review system for Linux.'" > <speakup@braille.uwo.ca> > Sent: Friday, March 20, 2009 8:44 AM > Subject: RE: denyhosts quandry > > >> It doesn't help much. Mine, at least, wouldn't stop asking for a password >> even if I set SSHD to ask for public key only. So rather than fight with >> it, >> I recompiled OpenSSH without it. >> >> -----Original Message----- >> From: speakup-bounces@braille.uwo.ca >> [mailto:speakup-bounces@braille.uwo.ca] >> On Behalf Of Tyler Littlefield >> Sent: March 20, 2009 10:03 AM >> To: Speakup is a screen review system for Linux. >> Subject: Re: denyhosts quandry >> >> started removing pam? >.> >> I've found it has helped me in locking down on security, though I'm not >> really sure by how much. >> >> >> Thanks, >> Tyler Littlefield >> Web: tysdomain.com >> email: tyler@tysdomain.com >> My programs don't have bugs, they're called randomly added features. >> >> ----- Original Message ----- >> From: "James Homuth" <james@the-jdh.com> >> To: "'Speakup is a screen review system for Linux.'" >> <speakup@braille.uwo.ca> >> Sent: Friday, March 20, 2009 7:53 AM >> Subject: RE: denyhosts quandry >> >> >>> Fail2Ban operates along the same theory as Denyhosts, though. So >>> whatever >>> regular expression causes Denyhosts to flip out will probably do the >>> same >>> for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very >>> little if any difference. So instead I switched back to Denyhosts and >>> started removing PAM from my system. >>> >>> -----Original Message----- >>> From: speakup-bounces@braille.uwo.ca >>> [mailto:speakup-bounces@braille.uwo.ca] >>> On Behalf Of Kirk Reiser >>> Sent: March 20, 2009 8:58 AM >>> To: Speakup is a screen review system for Linux. >>> Subject: Re: denyhosts quandry >>> >>> A package I just recently found and have installed on a couple of >>> systems >>> is >>> fail2ban which has a bunch of popular rule sets included and is easily >>> expandable by the user. Basically it parses your systems logs and then >>> performas ip blocks with iptables based on your specifications. It has >>> ssh >>> buffer overrun pertection built-in by default. It also has others you >>> can >>> easily enable. There's a debian package so I imagine there are packages >>> available for other distro's as well. >>> >>> Kirk >>> -- >>> Kirk Reiser The Computer Braille Facility >>> e-mail: kirk@braille.uwo.ca University of Western Ontario >>> phone: (519) 661-3061 >>> _______________________________________________ >>> Speakup mailing list >>> Speakup@braille.uwo.ca >>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >>> >>> _______________________________________________ >>> Speakup mailing list >>> Speakup@braille.uwo.ca >>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >> >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup >> >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* RE: denyhosts quandry ` Tyler Littlefield @ ` James Homuth ` Tyler Littlefield 0 siblings, 1 reply; 25+ messages in thread From: James Homuth @ UTC (permalink / raw) To: 'Speakup is a screen review system for Linux.' Get used to it. Even precompiled bianires via apt-get will occasionally segfault. The only difference is you have the option of recompiling to try and correct it. -----Original Message----- From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca] On Behalf Of Tyler Littlefield Sent: March 20, 2009 10:57 AM To: Speakup is a screen review system for Linux. Subject: Re: denyhosts quandry >That, plus sometimes, >it's just fun to recompile. I scream and throw a fit every time I have to recompile. :) actually I like changing configuration around, I really scream when it breaks and I see the lovely "segmentation fault." :) Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. ----- Original Message ----- From: "James Homuth" <james@the-jdh.com> To: "'Speakup is a screen review system for Linux.'" <speakup@braille.uwo.ca> Sent: Friday, March 20, 2009 8:55 AM Subject: RE: denyhosts quandry > There's probably a configuration directive you can change to turn it off, > even if it *is* listed as a dependancy. But Gentoo gives me that level of > customization, so I figure I might as well use it. That, plus sometimes, > it's just fun to recompile. > > -----Original Message----- > From: speakup-bounces@braille.uwo.ca > [mailto:speakup-bounces@braille.uwo.ca] > On Behalf Of Tyler Littlefield > Sent: March 20, 2009 10:49 AM > To: Speakup is a screen review system for Linux. > Subject: Re: denyhosts quandry > > nice. I hadn't had that issue, but then again my apt-get does it all for > me. > > I'm not pacient enough to sit there and wait for openSSH to compile and > fight with it on something like slackware, though it would probably be > the > prefered method of configuring things. Then I wouldn't be at the mercy of > the package maintainers. > > > > Thanks, > Tyler Littlefield > Web: tysdomain.com > email: tyler@tysdomain.com > My programs don't have bugs, they're called randomly added features. > > ----- Original Message ----- > From: "James Homuth" <james@the-jdh.com> > To: "'Speakup is a screen review system for Linux.'" > <speakup@braille.uwo.ca> > Sent: Friday, March 20, 2009 8:44 AM > Subject: RE: denyhosts quandry > > >> It doesn't help much. Mine, at least, wouldn't stop asking for a password >> even if I set SSHD to ask for public key only. So rather than fight with >> it, >> I recompiled OpenSSH without it. >> >> -----Original Message----- >> From: speakup-bounces@braille.uwo.ca >> [mailto:speakup-bounces@braille.uwo.ca] >> On Behalf Of Tyler Littlefield >> Sent: March 20, 2009 10:03 AM >> To: Speakup is a screen review system for Linux. >> Subject: Re: denyhosts quandry >> >> started removing pam? >.> >> I've found it has helped me in locking down on security, though I'm not >> really sure by how much. >> >> >> Thanks, >> Tyler Littlefield >> Web: tysdomain.com >> email: tyler@tysdomain.com >> My programs don't have bugs, they're called randomly added features. >> >> ----- Original Message ----- >> From: "James Homuth" <james@the-jdh.com> >> To: "'Speakup is a screen review system for Linux.'" >> <speakup@braille.uwo.ca> >> Sent: Friday, March 20, 2009 7:53 AM >> Subject: RE: denyhosts quandry >> >> >>> Fail2Ban operates along the same theory as Denyhosts, though. So >>> whatever >>> regular expression causes Denyhosts to flip out will probably do the >>> same >>> for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very >>> little if any difference. So instead I switched back to Denyhosts and >>> started removing PAM from my system. >>> >>> -----Original Message----- >>> From: speakup-bounces@braille.uwo.ca >>> [mailto:speakup-bounces@braille.uwo.ca] >>> On Behalf Of Kirk Reiser >>> Sent: March 20, 2009 8:58 AM >>> To: Speakup is a screen review system for Linux. >>> Subject: Re: denyhosts quandry >>> >>> A package I just recently found and have installed on a couple of >>> systems >>> is >>> fail2ban which has a bunch of popular rule sets included and is easily >>> expandable by the user. Basically it parses your systems logs and then >>> performas ip blocks with iptables based on your specifications. It has >>> ssh >>> buffer overrun pertection built-in by default. It also has others you >>> can >>> easily enable. There's a debian package so I imagine there are packages >>> available for other distro's as well. >>> >>> Kirk >>> -- >>> Kirk Reiser The Computer Braille Facility >>> e-mail: kirk@braille.uwo.ca University of Western Ontario >>> phone: (519) 661-3061 >>> _______________________________________________ >>> Speakup mailing list >>> Speakup@braille.uwo.ca >>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >>> >>> _______________________________________________ >>> Speakup mailing list >>> Speakup@braille.uwo.ca >>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >> >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup >> >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup _______________________________________________ Speakup mailing list Speakup@braille.uwo.ca http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry ` James Homuth @ ` Tyler Littlefield 0 siblings, 0 replies; 25+ messages in thread From: Tyler Littlefield @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. yeah. I haven't had the issue with pre-built packages, but I"m sure it exists. Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. ----- Original Message ----- From: "James Homuth" <james@the-jdh.com> To: "'Speakup is a screen review system for Linux.'" <speakup@braille.uwo.ca> Sent: Friday, March 20, 2009 9:03 AM Subject: RE: denyhosts quandry > Get used to it. Even precompiled bianires via apt-get will occasionally > segfault. The only difference is you have the option of recompiling to try > and correct it. > > -----Original Message----- > From: speakup-bounces@braille.uwo.ca > [mailto:speakup-bounces@braille.uwo.ca] > On Behalf Of Tyler Littlefield > Sent: March 20, 2009 10:57 AM > To: Speakup is a screen review system for Linux. > Subject: Re: denyhosts quandry > >>That, plus sometimes, >>it's just fun to recompile. > I scream and throw a fit every time I have to recompile. :) actually I > like > changing configuration around, I really scream when it breaks and I see > the > lovely "segmentation fault." :) > > Thanks, > Tyler Littlefield > Web: tysdomain.com > email: tyler@tysdomain.com > My programs don't have bugs, they're called randomly added features. > > ----- Original Message ----- > From: "James Homuth" <james@the-jdh.com> > To: "'Speakup is a screen review system for Linux.'" > <speakup@braille.uwo.ca> > Sent: Friday, March 20, 2009 8:55 AM > Subject: RE: denyhosts quandry > > >> There's probably a configuration directive you can change to turn it off, >> even if it *is* listed as a dependancy. But Gentoo gives me that level of >> customization, so I figure I might as well use it. That, plus sometimes, >> it's just fun to recompile. >> >> -----Original Message----- >> From: speakup-bounces@braille.uwo.ca >> [mailto:speakup-bounces@braille.uwo.ca] >> On Behalf Of Tyler Littlefield >> Sent: March 20, 2009 10:49 AM >> To: Speakup is a screen review system for Linux. >> Subject: Re: denyhosts quandry >> >> nice. I hadn't had that issue, but then again my apt-get does it all for >> me. >> >> I'm not pacient enough to sit there and wait for openSSH to compile and >> fight with it on something like slackware, though it would probably be >> the >> prefered method of configuring things. Then I wouldn't be at the mercy of >> the package maintainers. >> >> >> >> Thanks, >> Tyler Littlefield >> Web: tysdomain.com >> email: tyler@tysdomain.com >> My programs don't have bugs, they're called randomly added features. >> >> ----- Original Message ----- >> From: "James Homuth" <james@the-jdh.com> >> To: "'Speakup is a screen review system for Linux.'" >> <speakup@braille.uwo.ca> >> Sent: Friday, March 20, 2009 8:44 AM >> Subject: RE: denyhosts quandry >> >> >>> It doesn't help much. Mine, at least, wouldn't stop asking for a >>> password >>> even if I set SSHD to ask for public key only. So rather than fight with >>> it, >>> I recompiled OpenSSH without it. >>> >>> -----Original Message----- >>> From: speakup-bounces@braille.uwo.ca >>> [mailto:speakup-bounces@braille.uwo.ca] >>> On Behalf Of Tyler Littlefield >>> Sent: March 20, 2009 10:03 AM >>> To: Speakup is a screen review system for Linux. >>> Subject: Re: denyhosts quandry >>> >>> started removing pam? >.> >>> I've found it has helped me in locking down on security, though I'm not >>> really sure by how much. >>> >>> >>> Thanks, >>> Tyler Littlefield >>> Web: tysdomain.com >>> email: tyler@tysdomain.com >>> My programs don't have bugs, they're called randomly added features. >>> >>> ----- Original Message ----- >>> From: "James Homuth" <james@the-jdh.com> >>> To: "'Speakup is a screen review system for Linux.'" >>> <speakup@braille.uwo.ca> >>> Sent: Friday, March 20, 2009 7:53 AM >>> Subject: RE: denyhosts quandry >>> >>> >>>> Fail2Ban operates along the same theory as Denyhosts, though. So >>>> whatever >>>> regular expression causes Denyhosts to flip out will probably do the >>>> same >>>> for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very >>>> little if any difference. So instead I switched back to Denyhosts and >>>> started removing PAM from my system. >>>> >>>> -----Original Message----- >>>> From: speakup-bounces@braille.uwo.ca >>>> [mailto:speakup-bounces@braille.uwo.ca] >>>> On Behalf Of Kirk Reiser >>>> Sent: March 20, 2009 8:58 AM >>>> To: Speakup is a screen review system for Linux. >>>> Subject: Re: denyhosts quandry >>>> >>>> A package I just recently found and have installed on a couple of >>>> systems >>>> is >>>> fail2ban which has a bunch of popular rule sets included and is easily >>>> expandable by the user. Basically it parses your systems logs and then >>>> performas ip blocks with iptables based on your specifications. It has >>>> ssh >>>> buffer overrun pertection built-in by default. It also has others you >>>> can >>>> easily enable. There's a debian package so I imagine there are >>>> packages >>>> available for other distro's as well. >>>> >>>> Kirk >>>> -- >>>> Kirk Reiser The Computer Braille Facility >>>> e-mail: kirk@braille.uwo.ca University of Western Ontario >>>> phone: (519) 661-3061 >>>> _______________________________________________ >>>> Speakup mailing list >>>> Speakup@braille.uwo.ca >>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >>>> >>>> _______________________________________________ >>>> Speakup mailing list >>>> Speakup@braille.uwo.ca >>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >>> >>> _______________________________________________ >>> Speakup mailing list >>> Speakup@braille.uwo.ca >>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >>> >>> _______________________________________________ >>> Speakup mailing list >>> Speakup@braille.uwo.ca >>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >> >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup >> >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry ` James Homuth ` Tyler Littlefield @ ` farhan ` Gregory Nowak 1 sibling, 1 reply; 25+ messages in thread From: farhan @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. Hello, I am running ubuntu 8.10, and I tried to compile portaudio 19, I had to fight with it to get it to compile, or at least espeak to compile using portaudio 19. all this crap about linking espeak to the right portaudio, why can't espeak just compile and work, in any case, the 9.04 upgrade will probably break my switch over to alsa and i'll just switch to arch eventually. On 03/20/2009 09:55 AM, James Homuth wrote: > There's probably a configuration directive you can change to turn it off, > even if it *is* listed as a dependancy. But Gentoo gives me that level of > customization, so I figure I might as well use it. That, plus sometimes, > it's just fun to recompile. > > -----Original Message----- > From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca] > On Behalf Of Tyler Littlefield > Sent: March 20, 2009 10:49 AM > To: Speakup is a screen review system for Linux. > Subject: Re: denyhosts quandry > > nice. I hadn't had that issue, but then again my apt-get does it all for me. > > I'm not pacient enough to sit there and wait for openSSH to compile and > fight with it on something like slackware, though it would probably be the > prefered method of configuring things. Then I wouldn't be at the mercy of > the package maintainers. > > > > Thanks, > Tyler Littlefield > Web: tysdomain.com > email: tyler@tysdomain.com > My programs don't have bugs, they're called randomly added features. > > ----- Original Message ----- > From: "James Homuth"<james@the-jdh.com> > To: "'Speakup is a screen review system for Linux.'" > <speakup@braille.uwo.ca> > Sent: Friday, March 20, 2009 8:44 AM > Subject: RE: denyhosts quandry > > > >> It doesn't help much. Mine, at least, wouldn't stop asking for a password >> even if I set SSHD to ask for public key only. So rather than fight with >> it, >> I recompiled OpenSSH without it. >> >> -----Original Message----- >> From: speakup-bounces@braille.uwo.ca >> [mailto:speakup-bounces@braille.uwo.ca] >> On Behalf Of Tyler Littlefield >> Sent: March 20, 2009 10:03 AM >> To: Speakup is a screen review system for Linux. >> Subject: Re: denyhosts quandry >> >> started removing pam?>.> >> I've found it has helped me in locking down on security, though I'm not >> really sure by how much. >> >> >> Thanks, >> Tyler Littlefield >> Web: tysdomain.com >> email: tyler@tysdomain.com >> My programs don't have bugs, they're called randomly added features. >> >> ----- Original Message ----- >> From: "James Homuth"<james@the-jdh.com> >> To: "'Speakup is a screen review system for Linux.'" >> <speakup@braille.uwo.ca> >> Sent: Friday, March 20, 2009 7:53 AM >> Subject: RE: denyhosts quandry >> >> >> >>> Fail2Ban operates along the same theory as Denyhosts, though. So whatever >>> regular expression causes Denyhosts to flip out will probably do the same >>> for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very >>> little if any difference. So instead I switched back to Denyhosts and >>> started removing PAM from my system. >>> >>> -----Original Message----- >>> From: speakup-bounces@braille.uwo.ca >>> [mailto:speakup-bounces@braille.uwo.ca] >>> On Behalf Of Kirk Reiser >>> Sent: March 20, 2009 8:58 AM >>> To: Speakup is a screen review system for Linux. >>> Subject: Re: denyhosts quandry >>> >>> A package I just recently found and have installed on a couple of systems >>> is >>> fail2ban which has a bunch of popular rule sets included and is easily >>> expandable by the user. Basically it parses your systems logs and then >>> performas ip blocks with iptables based on your specifications. It has >>> ssh >>> buffer overrun pertection built-in by default. It also has others you >>> can >>> easily enable. There's a debian package so I imagine there are packages >>> available for other distro's as well. >>> >>> Kirk >>> -- >>> Kirk Reiser The Computer Braille Facility >>> e-mail: kirk@braille.uwo.ca University of Western Ontario >>> phone: (519) 661-3061 >>> _______________________________________________ >>> Speakup mailing list >>> Speakup@braille.uwo.ca >>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >>> >>> _______________________________________________ >>> Speakup mailing list >>> Speakup@braille.uwo.ca >>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >>> >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup >> >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup >> > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry ` farhan @ ` Gregory Nowak 0 siblings, 0 replies; 25+ messages in thread From: Gregory Nowak @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Mar 20, 2009 at 03:56:07PM -0500, farhan wrote: > Hello, I am running ubuntu 8.10, and I tried to compile portaudio 19, I > had to fight with it to get it to compile, or at least espeak to compile > using portaudio 19. Ubuntu is a debian-based distribution, so it should have the same packages as debian available. So, I'm curious why you had to compile portaudio 19 and espeak, when both are available in debian as packages, and therefore I'd assume should also be available in ubuntu? > all this crap about linking espeak to the right portaudio, why can't > espeak just compile and work, Because, as I understand, espeak needs portaudio to be a cross-platform tts engine. Removing portaudio would mean writing code to use the audio hardware separately for gnu/linux, windows, and anything else on which espeak runs and talks on through the sound system. Greg - -- web site: http://www.romuald.net.eu.org gpg public key: http://www.romuald.net.eu.org/pubkey.asc skype: gregn1 (authorization required, add me to your contacts list first) - -- Free domains: http://www.eu.org/ or mail dns-manager@EU.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAknEBsIACgkQ7s9z/XlyUyDqKQCfZTNo/wvCIk0T8b/BYmdav4l3 FHsAnRYWp7F/cSQsh18JXSX2xGzRjUbo =Krot -----END PGP SIGNATURE----- ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry ` Tyler Littlefield ` James Homuth @ ` Gregory Nowak ` Tyler Littlefield 1 sibling, 1 reply; 25+ messages in thread From: Gregory Nowak @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Mar 20, 2009 at 08:49:05AM -0600, Tyler Littlefield wrote: > Then I wouldn't be at the > mercy of the package maintainers. Huh? Just because you're using a distro with a package manager that tracks dependencies, and has a bunch of stuff already built as packages, doesn't mean you're at the mercy of the package maintainer. If you don't like how a certain package is built, there's nothing stopping you from using something like apt-build, or apt-src, to build your own local copy of the package, which is what I've done in a couple instances. As for the comment that recompiling is fun, I would have agreed in the past, but don't agree with that now. When I first got into gnu/linux, I thought compiling my own software was fun, but it started being a hassle after about 3 years or so, which is why I went from slackware to debian. I thought I'd prefer the convenience of just being able to install a built binary, and that turns out to have been the case. That's my own opinion of course, and I'm sure there are folks out there who would enjoy compiling their own software 20 years later, as much as they enjoyed it on day one. Also, when compiling, it does help too have modern hardware to do it on, which I don't have currently. Greg - -- web site: http://www.romuald.net.eu.org gpg public key: http://www.romuald.net.eu.org/pubkey.asc skype: gregn1 (authorization required, add me to your contacts list first) - -- Free domains: http://www.eu.org/ or mail dns-manager@EU.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAknD2f8ACgkQ7s9z/XlyUyAF8wCeIcdcbS2ih9zO8jQRRnssKhoo OqwAoJBQCZD6gs8iObUag3lfz25/HIvx =+Kb3 -----END PGP SIGNATURE----- ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry ` Gregory Nowak @ ` Tyler Littlefield 0 siblings, 0 replies; 25+ messages in thread From: Tyler Littlefield @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. modern hardware makes a huge difference, which is why I was looking for a place to host the mud. I went from 3 minutes compile time to 20 seconds or so, if that. Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. ----- Original Message ----- From: "Gregory Nowak" <greg@romuald.net.eu.org> To: "Speakup is a screen review system for Linux." <speakup@braille.uwo.ca> Sent: Friday, March 20, 2009 12:01 PM Subject: Re: denyhosts quandry > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Fri, Mar 20, 2009 at 08:49:05AM -0600, Tyler Littlefield wrote: >> Then I wouldn't be at the >> mercy of the package maintainers. > > Huh? Just because you're using a distro with a package manager that > tracks dependencies, and has a bunch of stuff already built as > packages, doesn't mean you're at the mercy of the package > maintainer. If you don't like how a certain package is built, there's > nothing stopping you from using something like apt-build, or apt-src, > to build your own local copy of the package, which is what I've done > in a couple instances. > > As for the comment that recompiling is fun, I would have agreed in the > past, but don't agree with that now. When I first got into gnu/linux, > I thought compiling my own software was fun, but it started being a > hassle after about 3 years or so, which is why I went from slackware > to debian. I thought I'd prefer the convenience of just being able to > install a built binary, and that turns out to have been the > case. That's my own opinion of course, and I'm sure there are folks > out there who would enjoy compiling their own software 20 years later, > as much as they enjoyed it on day one. Also, when compiling, it does help > too have modern hardware to > do it on, which I don't have currently. > > Greg > > > - -- > web site: http://www.romuald.net.eu.org > gpg public key: http://www.romuald.net.eu.org/pubkey.asc > skype: gregn1 > (authorization required, add me to your contacts list first) > > - -- > Free domains: http://www.eu.org/ or mail dns-manager@EU.org > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > > iEYEARECAAYFAknD2f8ACgkQ7s9z/XlyUyAF8wCeIcdcbS2ih9zO8jQRRnssKhoo > OqwAoJBQCZD6gs8iObUag3lfz25/HIvx > =+Kb3 > -----END PGP SIGNATURE----- > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry ` James Homuth ` Kirk Reiser @ ` Tyler Littlefield ` Tyler Littlefield 2 siblings, 0 replies; 25+ messages in thread From: Tyler Littlefield @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. will do. thanks. Blaming an app is so much easier. ;) Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. ----- Original Message ----- From: "James Homuth" <james@the-jdh.com> To: "'Speakup is a screen review system for Linux.'" <speakup@braille.uwo.ca> Sent: Friday, March 20, 2009 1:21 AM Subject: RE: denyhosts quandry > Before you start looking for an app to blame, check the logs. Open a SSH > session, tail -F /bath/to/ssh.log, then load WinSCP. Then you'll know > precisely what's causing Denyhosts to freak out. > > -----Original Message----- > From: speakup-bounces@braille.uwo.ca > [mailto:speakup-bounces@braille.uwo.ca] > On Behalf Of Tyler Littlefield > Sent: March 19, 2009 10:26 PM > To: Speakup is a screen review system for Linux. > Subject: denyhosts quandry > > Hello list, > I have a quick question. > I am running denyhosts on my linux system, to try to keep out attackers > from > running a password cracker on my ssh. > It's caught a few, but it seems to be screaming when I log in with win > SCP. > Basically, every time I log in, it just blocks my host out. > Is there a way I can either get it to stop, or possibly set it to not > block > that host? > I'm not sure why WIN SCP would trigger a denyhosts, as as far as I know, > it > runs when a password is incorrect. > Unless win SCP sends an invalid login for some reason first, or something > of > that sort. > > > Thanks, > Tyler Littlefield > Web: tysdomain.com > email: tyler@tysdomain.com > My programs don't have bugs, they're called randomly added features. > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry ` James Homuth ` Kirk Reiser ` Tyler Littlefield @ ` Tyler Littlefield ` James Homuth ` Jayson Smith 2 siblings, 2 replies; 25+ messages in thread From: Tyler Littlefield @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. someone on here mentioned using public and private key pairs. I've now got that set up, and have disabled password authentication. How secure is this--in other words, am I going to need denyhosts working still? Is this something that can be cracked by some script kiddy with to much time? Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. ----- Original Message ----- From: "James Homuth" <james@the-jdh.com> To: "'Speakup is a screen review system for Linux.'" <speakup@braille.uwo.ca> Sent: Friday, March 20, 2009 1:21 AM Subject: RE: denyhosts quandry > Before you start looking for an app to blame, check the logs. Open a SSH > session, tail -F /bath/to/ssh.log, then load WinSCP. Then you'll know > precisely what's causing Denyhosts to freak out. > > -----Original Message----- > From: speakup-bounces@braille.uwo.ca > [mailto:speakup-bounces@braille.uwo.ca] > On Behalf Of Tyler Littlefield > Sent: March 19, 2009 10:26 PM > To: Speakup is a screen review system for Linux. > Subject: denyhosts quandry > > Hello list, > I have a quick question. > I am running denyhosts on my linux system, to try to keep out attackers > from > running a password cracker on my ssh. > It's caught a few, but it seems to be screaming when I log in with win > SCP. > Basically, every time I log in, it just blocks my host out. > Is there a way I can either get it to stop, or possibly set it to not > block > that host? > I'm not sure why WIN SCP would trigger a denyhosts, as as far as I know, > it > runs when a password is incorrect. > Unless win SCP sends an invalid login for some reason first, or something > of > that sort. > > > Thanks, > Tyler Littlefield > Web: tysdomain.com > email: tyler@tysdomain.com > My programs don't have bugs, they're called randomly added features. > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* RE: denyhosts quandry ` Tyler Littlefield @ ` James Homuth ` Tyler Littlefield ` Jayson Smith 1 sibling, 1 reply; 25+ messages in thread From: James Homuth @ UTC (permalink / raw) To: 'Speakup is a screen review system for Linux.' The keys themselves are encripted, so it's extremely unlikely someone's going to break the encription. That's also why there are two keys. -----Original Message----- From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca] On Behalf Of Tyler Littlefield Sent: March 20, 2009 7:00 PM To: Speakup is a screen review system for Linux. Subject: Re: denyhosts quandry someone on here mentioned using public and private key pairs. I've now got that set up, and have disabled password authentication. How secure is this--in other words, am I going to need denyhosts working still? Is this something that can be cracked by some script kiddy with to much time? Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. ----- Original Message ----- From: "James Homuth" <james@the-jdh.com> To: "'Speakup is a screen review system for Linux.'" <speakup@braille.uwo.ca> Sent: Friday, March 20, 2009 1:21 AM Subject: RE: denyhosts quandry > Before you start looking for an app to blame, check the logs. Open a SSH > session, tail -F /bath/to/ssh.log, then load WinSCP. Then you'll know > precisely what's causing Denyhosts to freak out. > > -----Original Message----- > From: speakup-bounces@braille.uwo.ca > [mailto:speakup-bounces@braille.uwo.ca] > On Behalf Of Tyler Littlefield > Sent: March 19, 2009 10:26 PM > To: Speakup is a screen review system for Linux. > Subject: denyhosts quandry > > Hello list, > I have a quick question. > I am running denyhosts on my linux system, to try to keep out attackers > from > running a password cracker on my ssh. > It's caught a few, but it seems to be screaming when I log in with win > SCP. > Basically, every time I log in, it just blocks my host out. > Is there a way I can either get it to stop, or possibly set it to not > block > that host? > I'm not sure why WIN SCP would trigger a denyhosts, as as far as I know, > it > runs when a password is incorrect. > Unless win SCP sends an invalid login for some reason first, or something > of > that sort. > > > Thanks, > Tyler Littlefield > Web: tysdomain.com > email: tyler@tysdomain.com > My programs don't have bugs, they're called randomly added features. > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup _______________________________________________ Speakup mailing list Speakup@braille.uwo.ca http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry ` James Homuth @ ` Tyler Littlefield 0 siblings, 0 replies; 25+ messages in thread From: Tyler Littlefield @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. gotcha. thanks. I understand the signing of private key and of another partie's public key (thanks to littlebrother) , but I wasn't sure how ssh did it. Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. ----- Original Message ----- From: "James Homuth" <james@the-jdh.com> To: "'Speakup is a screen review system for Linux.'" <speakup@braille.uwo.ca> Sent: Friday, March 20, 2009 5:54 PM Subject: RE: denyhosts quandry > The keys themselves are encripted, so it's extremely unlikely someone's > going to break the encription. That's also why there are two keys. > -----Original Message----- > From: speakup-bounces@braille.uwo.ca > [mailto:speakup-bounces@braille.uwo.ca] > On Behalf Of Tyler Littlefield > Sent: March 20, 2009 7:00 PM > To: Speakup is a screen review system for Linux. > Subject: Re: denyhosts quandry > > someone on here mentioned using public and private key pairs. > I've now got that set up, and have disabled password authentication. > How secure is this--in other words, am I going to need denyhosts working > still? > Is this something that can be cracked by some script kiddy with to much > time? > > > Thanks, > Tyler Littlefield > Web: tysdomain.com > email: tyler@tysdomain.com > My programs don't have bugs, they're called randomly added features. > > ----- Original Message ----- > From: "James Homuth" <james@the-jdh.com> > To: "'Speakup is a screen review system for Linux.'" > <speakup@braille.uwo.ca> > Sent: Friday, March 20, 2009 1:21 AM > Subject: RE: denyhosts quandry > > >> Before you start looking for an app to blame, check the logs. Open a SSH >> session, tail -F /bath/to/ssh.log, then load WinSCP. Then you'll know >> precisely what's causing Denyhosts to freak out. >> >> -----Original Message----- >> From: speakup-bounces@braille.uwo.ca >> [mailto:speakup-bounces@braille.uwo.ca] >> On Behalf Of Tyler Littlefield >> Sent: March 19, 2009 10:26 PM >> To: Speakup is a screen review system for Linux. >> Subject: denyhosts quandry >> >> Hello list, >> I have a quick question. >> I am running denyhosts on my linux system, to try to keep out attackers >> from >> running a password cracker on my ssh. >> It's caught a few, but it seems to be screaming when I log in with win >> SCP. >> Basically, every time I log in, it just blocks my host out. >> Is there a way I can either get it to stop, or possibly set it to not >> block >> that host? >> I'm not sure why WIN SCP would trigger a denyhosts, as as far as I know, >> it >> runs when a password is incorrect. >> Unless win SCP sends an invalid login for some reason first, or something >> of >> that sort. >> >> >> Thanks, >> Tyler Littlefield >> Web: tysdomain.com >> email: tyler@tysdomain.com >> My programs don't have bugs, they're called randomly added features. >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup >> >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry ` Tyler Littlefield ` James Homuth @ ` Jayson Smith ` Tyler Littlefield 1 sibling, 1 reply; 25+ messages in thread From: Jayson Smith @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. Public key authentication is, as I understand it, extremely secure. If someone doesn't have your private key, chances are that they won't be getting in, no matter how much they try. Unfortunately, it also involves an element of risk. Assuming you've disabled password authentication, if you should ever lose your private key, you won't be getting in either. So be sure and have several backups of your keypair, and in particular, your private key, since without it, your system will be locked down to even you. Just don't let it fall into the wrong hands. Jayson ----- Original Message ----- From: "Tyler Littlefield" <tyler@tysdomain.com> To: "Speakup is a screen review system for Linux." <speakup@braille.uwo.ca> Sent: Friday, March 20, 2009 7:00 PM Subject: Re: denyhosts quandry > someone on here mentioned using public and private key pairs. > I've now got that set up, and have disabled password authentication. > How secure is this--in other words, am I going to need denyhosts working > still? > Is this something that can be cracked by some script kiddy with to much > time? > > > Thanks, > Tyler Littlefield > Web: tysdomain.com > email: tyler@tysdomain.com > My programs don't have bugs, they're called randomly added features. > > ----- Original Message ----- > From: "James Homuth" <james@the-jdh.com> > To: "'Speakup is a screen review system for Linux.'" > <speakup@braille.uwo.ca> > Sent: Friday, March 20, 2009 1:21 AM > Subject: RE: denyhosts quandry > > >> Before you start looking for an app to blame, check the logs. Open a SSH >> session, tail -F /bath/to/ssh.log, then load WinSCP. Then you'll know >> precisely what's causing Denyhosts to freak out. >> >> -----Original Message----- >> From: speakup-bounces@braille.uwo.ca >> [mailto:speakup-bounces@braille.uwo.ca] >> On Behalf Of Tyler Littlefield >> Sent: March 19, 2009 10:26 PM >> To: Speakup is a screen review system for Linux. >> Subject: denyhosts quandry >> >> Hello list, >> I have a quick question. >> I am running denyhosts on my linux system, to try to keep out attackers >> from >> running a password cracker on my ssh. >> It's caught a few, but it seems to be screaming when I log in with win >> SCP. >> Basically, every time I log in, it just blocks my host out. >> Is there a way I can either get it to stop, or possibly set it to not >> block >> that host? >> I'm not sure why WIN SCP would trigger a denyhosts, as as far as I know, >> it >> runs when a password is incorrect. >> Unless win SCP sends an invalid login for some reason first, or something >> of >> that sort. >> >> >> Thanks, >> Tyler Littlefield >> Web: tysdomain.com >> email: tyler@tysdomain.com >> My programs don't have bugs, they're called randomly added features. >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup >> >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
* Re: denyhosts quandry ` Jayson Smith @ ` Tyler Littlefield 0 siblings, 0 replies; 25+ messages in thread From: Tyler Littlefield @ UTC (permalink / raw) To: Speakup is a screen review system for Linux. thanks; my private and public key pairs are stored on my thumb drive, so I keep them where ever I go. :) Thanks, Tyler Littlefield Web: tysdomain.com email: tyler@tysdomain.com My programs don't have bugs, they're called randomly added features. ----- Original Message ----- From: "Jayson Smith" <jaybird@bluegrasspals.com> To: "Speakup is a screen review system for Linux." <speakup@braille.uwo.ca> Sent: Friday, March 20, 2009 7:46 PM Subject: Re: denyhosts quandry > Public key authentication is, as I understand it, extremely secure. If > someone doesn't have your private key, chances are that they won't be > getting in, no matter how much they try. Unfortunately, it also involves > an element of risk. Assuming you've disabled password authentication, if > you should ever lose your private key, you won't be getting in either. So > be sure and have several backups of your keypair, and in particular, your > private key, since without it, your system will be locked down to even > you. Just don't let it fall into the wrong hands. > Jayson > > ----- Original Message ----- > From: "Tyler Littlefield" <tyler@tysdomain.com> > To: "Speakup is a screen review system for Linux." > <speakup@braille.uwo.ca> > Sent: Friday, March 20, 2009 7:00 PM > Subject: Re: denyhosts quandry > > >> someone on here mentioned using public and private key pairs. >> I've now got that set up, and have disabled password authentication. >> How secure is this--in other words, am I going to need denyhosts working >> still? >> Is this something that can be cracked by some script kiddy with to much >> time? >> >> >> Thanks, >> Tyler Littlefield >> Web: tysdomain.com >> email: tyler@tysdomain.com >> My programs don't have bugs, they're called randomly added features. >> >> ----- Original Message ----- >> From: "James Homuth" <james@the-jdh.com> >> To: "'Speakup is a screen review system for Linux.'" >> <speakup@braille.uwo.ca> >> Sent: Friday, March 20, 2009 1:21 AM >> Subject: RE: denyhosts quandry >> >> >>> Before you start looking for an app to blame, check the logs. Open a SSH >>> session, tail -F /bath/to/ssh.log, then load WinSCP. Then you'll know >>> precisely what's causing Denyhosts to freak out. >>> >>> -----Original Message----- >>> From: speakup-bounces@braille.uwo.ca >>> [mailto:speakup-bounces@braille.uwo.ca] >>> On Behalf Of Tyler Littlefield >>> Sent: March 19, 2009 10:26 PM >>> To: Speakup is a screen review system for Linux. >>> Subject: denyhosts quandry >>> >>> Hello list, >>> I have a quick question. >>> I am running denyhosts on my linux system, to try to keep out attackers >>> from >>> running a password cracker on my ssh. >>> It's caught a few, but it seems to be screaming when I log in with win >>> SCP. >>> Basically, every time I log in, it just blocks my host out. >>> Is there a way I can either get it to stop, or possibly set it to not >>> block >>> that host? >>> I'm not sure why WIN SCP would trigger a denyhosts, as as far as I know, >>> it >>> runs when a password is incorrect. >>> Unless win SCP sends an invalid login for some reason first, or >>> something of >>> that sort. >>> >>> >>> Thanks, >>> Tyler Littlefield >>> Web: tysdomain.com >>> email: tyler@tysdomain.com >>> My programs don't have bugs, they're called randomly added features. >>> _______________________________________________ >>> Speakup mailing list >>> Speakup@braille.uwo.ca >>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >>> >>> _______________________________________________ >>> Speakup mailing list >>> Speakup@braille.uwo.ca >>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >> >> _______________________________________________ >> Speakup mailing list >> Speakup@braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup ^ permalink raw reply [flat|nested] 25+ messages in thread
end of thread, other threads:[~ UTC | newest]
Thread overview: 25+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
denyhosts quandry Tyler Littlefield
` Chris Brannon
` Tyler Littlefield
` James Homuth
` Kirk Reiser
` Tom Moore
` Tyler Littlefield
` James Homuth
` Tyler Littlefield
` James Homuth
` Tyler Littlefield
` James Homuth
` Tyler Littlefield
` James Homuth
` Tyler Littlefield
` farhan
` Gregory Nowak
` Gregory Nowak
` Tyler Littlefield
` Tyler Littlefield
` Tyler Littlefield
` James Homuth
` Tyler Littlefield
` Jayson Smith
` Tyler Littlefield
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).