Whitelisting An IP Address With “DenyHosts”

DenyHosts is an excellent tool that aids in protecting SSH servers that are exposed to the Internet. It’s not at all uncommon for Linux servers that have multiple remote SSH users/administrators to have port 22 open to the Internet at large.

DenyHosts will automatically blacklist an given source IP address by writing that IP to the file ~/hosts.deny, thereby blocking the IP from SSH access.  The downside of such automatic blocking is that a legitimate user who mistypes their password can be added to the hosts.deny list as well.

The solution to this problem is to add known safe IP addresses to the ~/allow-hosts file. On Debian  4/5 it’s located in this directory “/var/lib/denyhosts”.

Edit the ~/allow-hosts file and add the whitelisted IP address then save the file. Go ahead and check the hosts.deny file and see if the IP address you want to whitelist is there as well, if it is (having been blacklisted) go ahead and remove it then save the file.

Problem solved.

6 Responses to “Whitelisting An IP Address With “DenyHosts””

  1. Ana, Hébergement dédié…

    [...]Whitelisting An IP Address With “DenyHosts” « The Black Flag[...]…

  2. looks like another dead right wing blog

  3. I could tell how great you are in your field of interest. You could relate in each detail very well. Thank you for spending a time on sharing such informative writings to us. I will bookmark your page and looking forward to read some more of your writings soon.

  4. You really have brought a lot of issues up for many in your blog post. I just want to say thanks for putting it all down for everyone else. I’ll check this blog out again soon.

  5. SPY INDIA (P) LTD is a well-known organization for working with spy digital camera, spy credit ranking rating traditional traditional financial institution bank financial institution cards etc. and other spy gadgets. This organization provides to online customer for buying any spy gadgets with big less expensive.

  6. The file name is allowed-hosts, not allow-hosts

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: