Denyhosts Assists

Every so often a legitimate user will get blocked by deny hosts.  When this happens you can re-enable their access with these 8 simple steps (UPDATE: or use the faster version, see below):

1. Stop DenyHosts

   # service denyhosts stop

2. Remove the IP address from /etc/hosts.deny
3. Edit /var/lib/denyhosts/hosts and remove the lines containing the IP address.
4. Edit /var/lib/denyhosts/hosts-restricted and remove the lines containing the IP address.
5. Edit /var/lib/denyhosts/hosts-root and remove the lines containing the IP address.
6. Edit /var/lib/denyhosts/hosts-valid and remove the lines containing the IP address.
7. Edit /var/lib/denyhosts/users-hosts and remove the lines containing the IP address.
8. Consider adding the IP address to /etc/hosts.allow

   sshd:  IP_Address

9. Start DenyHosts

   # service denyhosts start

That’s it, your user should be able to access the server again.

The above process was a bit tedious however I am leaving it there because it gives details about what files are involved.  Since doing the above is time consuming here is what I have been doing that is much easier:

1. Stop DenyHosts

   # service denyhosts stop

2. Remove the IP address from /etc/hosts.deny

   1. # sed -i '/IP_ADDRESS/d' /etc/hosts.deny

3. Remove all entries found under /var/lib/denyhosts/ containing the IP address.

   1. # cd /var/lib/denyhosts
      # for i in *hosts*;do sed -i '/IP_ADDRESS/d' "$i";done

4. Consider adding the IP address to /etc/hosts.allow

   sshd:  IP_Address

5. Start DenyHosts

   # service denyhosts start