Denyhosts Assists
- Apr
- 10
- Posted by TKH Specialist
- Posted in Security, System Administration
Every so often a legitimate user will get blocked by deny hosts. When this happens you can re-enable their access with these 8 simple steps (UPDATE: or use the faster version, see below):
- Stop DenyHosts
# service denyhosts stop
- Remove the IP address from
/etc/hosts.deny
- Edit
/var/lib/denyhosts/hosts
and remove the lines containing the IP address. - Edit
/var/lib/denyhosts/hosts-restricted
and remove the lines containing the IP address. - Edit
/var/lib/denyhosts/hosts-root
and remove the lines containing the IP address. - Edit
/var/lib/denyhosts/hosts-valid
and remove the lines containing the IP address. - Edit
/var/lib/denyhosts/users-hosts
and remove the lines containing the IP address. - Consider adding the IP address to /etc/hosts.allow
sshd: IP_Address
- Start DenyHosts
# service denyhosts start
That’s it, your user should be able to access the server again.
The above process was a bit tedious however I am leaving it there because it gives details about what files are involved. Since doing the above is time consuming here is what I have been doing that is much easier:
- Stop DenyHosts
# service denyhosts stop
- Remove the IP address from
/etc/hosts.deny
-
# sed -i '/IP_ADDRESS/d' /etc/hosts.deny
-
- Remove all entries found under
/var/lib/denyhosts/
containing the IP address.-
# cd /var/lib/denyhosts # for i in *hosts*;do sed -i '/IP_ADDRESS/d' "$i";done
-
- Consider adding the IP address to /etc/hosts.allow
sshd: IP_Address
- Start DenyHosts
# service denyhosts start
Recent Comments
- Stefan on Flush This!
- Timestamping your Bash History | Matt's Entropy on Remember when you issued that command…?
- Matt Smith on Remember when you issued that command…?
- Ruan on Putting ‘lsof’ to use
- Dylan F. Marquis on External Mapping of LDAP attributes in CAS