[sslh] fail2ban
perini.davide@dpsoftware.org_IMAP
perini.davide at dpsoftware.org
Sun Oct 6 14:43:06 CEST 2013
Yves, I love you and your sslh!
I managed to do that with
start() {
echo -n "Starting SSL-SSH-Switch: "
if [ -f $PIDFILE ]; then
PID=`cat $PIDFILE`
echo sslh already running: $PID
exit 2;
else
daemon --user MYUSER $SSLH $OPTIONS
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch $PIDFILE
return $RETVAL
fi
}
as you can see I added the --user to the daemon.
daemon --user dpsoftware $SSLH $OPTIONS
Do you see any security issues in this?
Can I use it without problem?
ThankS!!!!
Il 06/10/2013 14.34, Yves Rutschle ha scritto:
> On Sun, Oct 06, 2013 at 02:01:07PM +0200, perini.davide at dpsoftware.org_IMAP wrote:
>> There is some big guru that says that
>> if a software as a problem with red hat generally the software has a
>> problem :D
> This particular problem could be fixed within sslh but would
> open other problems.
>
> And I'm pretty sure this can be fixed in your sslh start-up
> script.
>
> According to the sample script I have for CentOS, RedHat
> uses a 'daemon' command to start services, and according to
> the manual you should be able to add the --user command to
> the daemon startup line, which should fix the problem.
>
> If you're using the CentOS script from the sslh repository,
> I think just setting SSLH_USER should do the trick.
>
> Y.
More information about the sslh
mailing list