Whitelisting An IP Address With “DenyHosts”
DenyHosts is an excellent tool that aids in protecting SSH servers that are exposed to the Internet. It’s not at all uncommon for Linux servers that have multiple remote SSH users/administrators to have port 22 open to the Internet at large.
DenyHosts will automatically blacklist an given source IP address by writing that IP to the file ~/hosts.deny, thereby blocking the IP from SSH access. The downside of such automatic blocking is that a legitimate user who mistypes their password can be added to the hosts.deny list as well.
The solution to this problem is to add known safe IP addresses to the ~/allow-hosts file. On Debian 4/5 it’s located in this directory “/var/lib/denyhosts”.
Edit the ~/allow-hosts file and add the whitelisted IP address then save the file. Go ahead and check the hosts.deny file and see if the IP address you want to whitelist is there as well, if it is (having been blacklisted) go ahead and remove it then save the file.