_Quick install instructions for sshdfilter_

For the brave (as this is not so tested), run:
./install.pl
and read below, steps 6 onwards.

Or manually install with:
1.
run 
./regen.sh
to recreate distribution specific filters from sshdfilter.base

2.
copy etc/sshdfilterrc to /etc
and edit to suit you

3.
copy sshdfilter.<your distro> to /usr/sbin/sshdfilter, or maybe /usr/local/sbin/sshdfilter
rh7390 - RedHat 7.3 and RedHat 9.0
rhFC30 - RedHat Fedora Core 3.0
deb31  - Debian 3.1 (sarge)

4.
Modify the startup script /etc/init.d/sshd to run sshdfilter instead of sshd, an example is in etc/init.d/sshd

5.
If your system uses LogWatch, you can find parsing scripts in etc/log.d/

6.
Restart sshd via sshdfilter, normally with:
/etc/init.d/sshd restart
and check the process tree with:
ps -pu | less -S
(use the cursor keys to move about, q quits)
This should show sshdfilter, with two children, sshdfilter and sshd. Now ssh logins will appear as children of this sshd - which is how sshd has always worked.

7.
Exceptions to the usual sshdfilter blocking rules can be made with iptables. If triggered, sshdfilter will say that a given IP is blocked, but an iptables exception before the SSHD jump rule will avoid any blocks.

Post Install
Inform the users of what happens if they try to many password guesses.

