From: Jason L T. I. <ti...@ma...> - 2007-04-23 16:51:52
|
I'm applying this patch: https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=153291 to denyhosts 2.6 in Fedora to get around this error: denyhosts : ERROR regex pattern ( User (?P<user>.*) not allowed because not listed in AllowUsers ) is missing 'host' group The version of openssh that's shipping in Fedora, at least, provides an IP address on that line so there's sufficient info to extract a host to block. (That's openssh 4.3p2 in FC5 and FC6, 4.5p1 in F7.) Failure to block in that instance could be considered by some as a minor security issue, as then we're not blocking hosts which try to log in as, say, root, even though there's no chance they could ever do so because of AllowUsers. - J< |