[FreeNX-kNX] Re: Problem with Nx, Fluxbox and suspended sessions
Marco Passerini
marco.passerini at csc.fi
Wed May 18 12:58:40 UTC 2011
The idea of a second sshd on the internal network sounds good!
I configured Fail2ban to block the brute forces on SSH but also those
users who know the shared key and try to brute force NX with that.
/etc/fail2ban/jail.conf contains the following entry:
[freenx-tcpwrapper]
enabled = true
filter = freenx
action = hostsdeny
sendmail-whois[name=FreeNX, sender=hostemail at email.com,
dest=myemail at email.com]
logpath = /var/log/messages
Then I created a file /etc/fail2ban/filter.d/freenx.conf
[INCLUDES]
before = common.conf
[Definition]
_daemon = nxserver
failregex = ^.*\(nx\) Failed login for user=(.*) from IP=<HOST>\s*
ignoreregex =
On 05/18/2011 02:49 PM, chris at ccburton.com wrote:
> Marco Passerini<marco.passerini at csc.fi> wrote on 18/05/2011 12:25:32:
>
>> Ok that does the job! Now there is an .Xauthority file containing the
>> cookie in each user folder.
>> Thanks a lot for your help!
>>
>> By the way I also fixed fail2ban to work with the SSH authentication so
> What did you do??
>
>> I might switch to that mode, if it's more common.
> It's the default, so therefore more common by default (I expect).
>
> I run two sshd-es, so I don't have to have password authentication enabled
> on an external interface.
>
> I also avoid port 22 on the external interface, so the logs don't
> get filled up with failed attempts . . . .
>
> cb
More information about the FreeNX-kNX
mailing list