I've followed your guide and installed denyhosts to protect on my RedHat 5.3 OpenSSH based server. However, I've been accidentally blocked out from my home ADSL IP address. I tried removing my blocked IP from /etc/hosts.deny, but it did blocked it again quickly. It appears that DenyHosts keeps track of the attempts somewhere on disk or memory. How do I remove my own home IP address from DenyHosts?
Simply removing your IP from /etc/hosts.deny does not work since DenyHosts keeps track of the attempts in the /usr/share/denyhosts/data directory. In order to remove your IP address you will need to do the following.
Step # 1: Stop DenyHosts
# /etc/init.d/denyhosts stop
Step # 2: Remove Your IP From /etc/hosts.deny
# vi /etc/hosts.deny
Delete your IP address. Save and close the file.
Step # 3: Remove Your IP From /usr/share/denyhosts/data Directory
Cd to /usr/share/denyhosts/data
# cd /usr/share/denyhosts/data
You need to edit the following files using vi and remove the lines containing the IP address. Save the file.
If you've static IP address add to allowed-hosts file. Any IP address that appears in this file will not be blocked by default (consider this as a whilelist):
# echo '18.104.22.168' >> allowed-hosts
Step # 4: Start DenyHosts
# /etc/init.d/denyhosts start
- Debian Linux Stop SSH User Hacking / Cracking Attacks with DenyHosts Software
- Top 20 OpenSSH Server Best Security Practices
- Denyhosts project