Whitelisting An IP Address With “DenyHosts”

DenyHosts is an excellent tool that aids in protecting SSH servers that are exposed to the Internet. It’s not at all uncommon for Linux servers that have multiple remote SSH users/administrators to have port 22 open to the Internet at large.

DenyHosts will automatically blacklist a given source IP address by writing that IP to the file ~/hosts.deny, thereby blocking the IP from SSH access. The downside of such automatic blocking is that a legitimate user who mistypes their password can be added to the hosts.deny list as well.

The solution to this problem is to add known safe IP addresses to the ~/allow-hosts file. On Debian 4/5 it’s located in the directory “/var/lib/denyhosts”.

Edit the ~/allow-hosts file, add the IP address you want to whitelist, and save the file. Then check the hosts.deny file to see whether that IP address is listed there as well; if it is (having been blacklisted), remove it and save the file.

Problem solved.
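The two steps above as one shell function, added here as an example (not from the original post). The name `whitelist_ip` is hypothetical and both file paths are passed as arguments; it assumes IPv4 addresses, one address per line in the allow file, and `daemon: address` lines in hosts.deny. It removes only an exact address match, so whitelisting 192.0.2.1 leaves an entry for 192.0.2.10 in place.

```shell
#!/bin/sh
# Added example. whitelist_ip is a hypothetical helper, not part of DenyHosts.
# Usage: whitelist_ip IP ALLOW_FILE DENY_FILE
# Assumes IPv4, one address per line in ALLOW_FILE, and "daemon: address"
# lines in DENY_FILE.
whitelist_ip() {
    ip=$1 allow=$2 deny=$3

    # Shape check only (dotted quad); also keeps odd characters out of awk.
    printf '%s\n' "$ip" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || {
        echo "not an IPv4 address: $ip" >&2
        return 2
    }

    # Step 1: add the address to the allow file unless it is already there.
    grep -qxF -- "$ip" "$allow" 2>/dev/null || printf '%s\n' "$ip" >> "$allow"

    # Step 2: drop the address from the deny file, if that file exists.
    [ -f "$deny" ] || return 0
    tmp=$(mktemp "${deny}.XXXXXX") || return 1
    awk -v ip="$ip" '
        /^[ \t]*#/ { print; next }             # keep comment lines
        {
            addr = $0
            sub(/^[^:]*:[ \t]*/, "", addr)     # strip the "daemon:" prefix
            sub(/[ \t]+$/, "", addr)           # strip trailing blanks
            if (addr != ip) print              # exact match only
        }' "$deny" > "$tmp" && cat "$tmp" > "$deny"   # cat keeps owner/mode
    status=$?
    rm -f "$tmp"
    return "$status"
}

# Constructed demo data (documentation-range addresses, temp files only).
demo=$(mktemp -d)
printf 'sshd: 192.0.2.1\nsshd: 192.0.2.10\n' > "$demo/hosts.deny"
whitelist_ip 192.0.2.1 "$demo/allow" "$demo/hosts.deny"
cat "$demo/hosts.deny"    # the 192.0.2.10 entry is still listed
rm -rf "$demo"
```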
