Linux – Denyhosts keeps adding the IP address to hosts.deny


I have set up Denyhosts to run on my server, and have been using it successfully for the last few weeks, to allow me to ssh into my server from my home dev machine.

This morning, I accidentally typed my password incorrectly three times – and ended up being locked out of the system (that was ok, because that was what was supposed to happen). I logged into the server via another way and took the following actions (in the order given):

  1. /etc/init.d/ssh stop
  2. /etc/init.d/denyhosts stop
  3. removed my IP address from /etc/hosts.deny
  4. /etc/init.d/ssh start
  5. /etc/init.d/denyhosts start

Between steps 4 and 5, I checked /etc/hosts.deny. I noticed that as soon as I started denyhosts, my IP address was added again to the hosts.deny file. It appears that denyhosts is caching this information somewhere and I can't get it to reset.

Does anyone know how I may resolve this? I am running on Ubuntu 10.0.4

BTW the error message I get is:

sh_exchange_identification: Connection closed by remote host

[Edit]

I took a look in /var/lib/denyhosts and saw there were several entries for my IP address (changed here to 12.34.56.78). Why so many entries – and which one do I need to remove?

./hosts:12.34.56.78:6:Tue Aug 10 11:37:07 2010
./hosts-root:12.34.56.78:0:Mon Aug 9 09:04:36 2010
./hosts-valid:12.34.56.78:0:Mon Aug 9 09:04:36 2010

Best Answer

Check files in /var/lib/denyhosts/ as your IP is stored there too. For the future, add your IP to /etc/hosts.allow:

ALL: xx.xx.xx.xx
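
The cleanup the answer points to, as an added example that is not part of the original answer: shell functions that remove one IPv4 address from /etc/hosts.deny and from every file under /var/lib/denyhosts. The function names are hypothetical, and purging every file in that directory is an assumption, since the page does not say which entries matter.

```shell
#!/bin/sh
# Added example (not from the original answer). Defaults are the paths named
# on this page; override WORK_DIR and DENY_FILE to rehearse on copies.
WORK_DIR="${WORK_DIR:-/var/lib/denyhosts}"
DENY_FILE="${DENY_FILE:-/etc/hosts.deny}"

# ERE matching the address only as a whole token, so purging 12.34.56.78
# does not also remove 112.34.56.78 or 12.34.56.789.
ip_pattern() {
    esc=$(printf '%s' "$1" | sed 's/\./\\./g')
    printf '(^|[^0-9.])%s([^0-9.]|$)' "$esc"
}

# Drop every line mentioning the address from one file, leaving FILE.bak.
# Writing through ">" keeps the original owner and mode.
purge_file() {
    file=$2
    [ -f "$file" ] || return 0
    pat=$(ip_pattern "$1")
    cp -p "$file" "$file.bak" || return 1
    # grep -v exits 1 when no lines remain; only a status above 1 is an error.
    grep -Ev "$pat" "$file.bak" > "$file" || [ $? -eq 1 ]
}

# Purge the address from hosts.deny and from every state file in WORK_DIR.
purge_ip() {
    ip=$1
    case $ip in
        ''|*[!0-9.]*) echo "usage: purge_ip IPV4_ADDRESS" >&2; return 2 ;;
    esac
    purge_file "$ip" "$DENY_FILE" || return 1
    for f in "$WORK_DIR"/*; do
        case $f in *.bak) continue ;; esac
        purge_file "$ip" "$f" || return 1
    done
}

# Count lines that still mention the address (0 means the purge is complete).
count_hits() {
    pat=$(ip_pattern "$1"); n=0
    for f in "$DENY_FILE" "$WORK_DIR"/*; do
        case $f in *.bak) continue ;; esac
        if [ -f "$f" ]; then
            c=$(grep -Ec "$pat" "$f" || true)
            n=$((n + c))
        fi
    done
    echo "$n"
}
```

Run it as root with denyhosts stopped, as in steps 2 and 5 of the question: `purge_ip 12.34.56.78`, then confirm that `count_hits 12.34.56.78` prints 0 before starting the daemon again.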