Package denyhosts in Ubuntu Trusty Tahr is deleted: temporary or forever?

Question

While doing a test-upgrade of our Ubuntu server to 14.04, I found that the package DenyHosts is no longer available. Installing it gives following error:

apt-get install denyhosts
Reading package lists... Done
Building dependency tree       
Reading state information... Done
E: Unable to locate package denyhosts

Apparently it has been deleted, according to launchpad.

Will Denyhosts be available in the final release of Ubuntu 14.04?

Panther · Accepted Answer · 2017-08-22T18:38:37.157

I am sorry denyhosts has reached this stage, but I think you answered your own question :

dead upstream; unmaintained; dysfunctional in sid

Unmaintained upstream projects will reside in the repos, with patches, until the packages can no longer patch, so looks like the end for denyhosts.

My best advice is to look for alternates.

Personally I harden my ssh server

And use iptables

sudo iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH --rsource -j ACCEPT
sudo iptables -A INPUT -m recent --update --seconds 600 --hitcount 8 --rttl --name SSH --rsource -j DROP

See http://bodhizazen.com/Tutorials/iptables

all the links in this post are from my LUG ;)

score 8 · Answer 2 · answered Mar 13 '14 at 21:42

No, it's not comming back. bodhi offers some good suggestion on how you can replace it, but it's also worth explaining why it was remove.

It was removed in Debian at the request of the Debian Security Team:

There are unaddressed security issues (e.g. #692229).

The tool is dead upstream (last release 2008).

There is a viable alternative, fail2ban, that provides the same or increased feature set.

You might also want to check out this question on ServerFault:

Denyhosts vs fail2ban vs iptables- best way to prevent brute force logons?

score 4 · Answer 3 · edited May 18 '14 at 19:13

4

While DenyHosts is not available as a package in Ubuntu, there is a fork of the upstream project here: http://denyhost.sf.net The fork includes security patches and better supports Ubuntu. You can install it by downloading the tarball and running

tar xzf denyhost-2.7.tar.gz
cd DenyHosts-2.7
sudo python setup.py install

edited May 18 '14 at 19:13

Eric Carvalho

55,453

answered May 18 '14 at 18:34

Jesse

41

score 0 · Answer 4 · edited Aug 21 '14 at 16:13

0

It is unmaintained, but issue #692229 is fixed, as noted here https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692229

Fail2ban isn't really an alternative if you want to use a sync server. I haven't seen other systems than denyhosts that support this.

So, as long as it works, why not use it?

edited Aug 21 '14 at 16:13

No Time

1,073

answered Aug 21 '14 at 15:45

Roy Sigurd Karlsbakk

1

score -1 · Answer 5 · answered Feb 14 '15 at 03:54

-1

It appears that a fork is now being maintained at https://github.com/denyhosts/denyhosts and the current version is 2.9.

answered Feb 14 '15 at 03:54

George

1

Package denyhosts in Ubuntu Trusty Tahr is deleted: temporary or forever?

5 Answers5

Linked

Related