DenyHosts

Introduction
From the DenyHosts SourceForge page:


 * DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).


 * If you've ever looked at your ssh log, you may be alarmed to see how many hackers attempted to gain access to your server. Hopefully, none of them were successful (but then again, how would you know?). Wouldn't it be better to automatically prevent that attacker from continuing to gain entry into your system?

Installing
The installation is straight-forward, the package does not have any USE-flags:

Location of the ssh logs
The primary option we need to configure for DenyHosts to work properly is the location of the file where login attempts are stored. If you haven't changed your sshd_config, this should be /var/log/messages. The file should contain lines like these:

Configure /etc/denyhosts.conf to match the correct file:

Optional Settings
You can define when a host is considered to be malicious in the configuration file, which is very well documented.

Starting up
Once you have finished configuring your denyhosts installation, you can either set it up as a cron job or as a daemon. Using the daemon allows you to configure some more features, like having a log file, for example (see configuration section above for details):

Daemon
You can configure DenyHosts to run as a daemon by running:

Cron job
or as a cronjob, by adding the following to /etc/crontab

Define allowed hosts
DenyHosts lists banned hosts in. If you have failed to log into the server in past occasions, you might be blocked by DenyHosts. To be safe, you should define well known hosts in. For example:

Troubleshooting
due to bug https://bugs.gentoo.org/show_bug.cgi?id=286191 (comment 74) if denyhosts does not start using the init script, do the following :