#1  
Old 26th July 2006, 00:52
StupidScript StupidScript is offline
Junior Member
 
Join Date: Jul 2006
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Default Denyhosts doesn't like my IP

Fedora Core 4, Denyhosts v.2.4 and v.2.5 (same problem, both versions)

I've got Denyhosts installed with no problem, consistent with the fine tutorial on this site, however I am experiencing an odd issue while it is running.

I can't get the program to allow my IP address.

When I login either via SSH or Webmin, as soon as Denyhosts runs its next cycle, my IP is added to hosts.deny. Fortunately, I am logged in, so I edit hosts.deny and remove my IP so I can get back in later, but it's seriously irritating.

Except for the one file noted in the next paragraph, there is no mention of my IP in any of the files in the WORK_DIR.

I have made the allowed-hosts file in /usr/share/denyhosts/data (the WORK_DIR) and inserted my IP in it. Even after restarting, this has no effect.

I have added my IP (ALL: 123.123.123.123) to hosts.allow, but this is also ineffective.

I have modified the SUCCESSFUL_ENTRY_REGEX both in the /usr/lib/python2.4/site-packaes/DenyHosts/regex.py file and overridden that variable by including a reference to it in /usr/share/denyhosts/denyhosts.cfg, with no effect. (I modified that regex because it was only set to look for "Accepted", which Webmin does not use, and apparently /var/log/secure's note about successfully logging out was also triggering denyhosts to add my IP to hosts.deny.)

Here's the truly odd part ... I have another Fedora Core 4 server on which I installed Denyhosts 2.4 (from source tarball) at the same time as I first installed it on the problem system (both dedicated boxes, freshly provisioned), and that system doesn't do anything with my IP, either via SSH or Webmin. It successfully adds attacking IPs to hosts.deny, but it ignores mine, which is just what I want.

So I don't know if this is a problem with Denyhosts not including the allowed-hosts file, not reading hosts.allow, or maybe it's a tcpwrappers issue or what ... I'm running out of ideas.

Today, I removed all Denyhosts v.2.4 files from the problem system and installed v.2.5 from the source RPM file provided by the program's author, and there is absolutely no change. Same problem.

I would really appreciate any thoughts. TIA.
Reply With Quote
Sponsored Links
  #2  
Old 27th July 2006, 11:51
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,740 Times in 2,575 Posts
Default

Did you have a look here? http://denyhosts.sourceforge.net/faq.html#3_7
Maybe you should also remove your IP address from the other files in your WORK_DIR.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 27th July 2006, 18:33
StupidScript StupidScript is offline
Junior Member
 
Join Date: Jul 2006
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thank you for the reply, Falko.

I apologize for not being more clear in my first post. I have already implemented the allowed-hosts suggestion to no effect, and my IP address is not in any of the files in WORK_DIR except for that one (allowed-hosts).

Please note that, as mentioned above, I have also included my IP in hosts.allow, which is having no effect.

Could this be a tcpwrappers issue of some kind?
Reply With Quote
  #4  
Old 28th July 2006, 14:19
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,740 Times in 2,575 Posts
Default

Is maybe your hostname (instead of your IP address) listed in any of the files?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 28th July 2006, 19:16
StupidScript StupidScript is offline
Junior Member
 
Join Date: Jul 2006
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Default

OMG. (Where's the smiley for "I'm an idiot"? Oh ... )

Y'know how you get something in your head and it gets locked in there despite all of the evidence? Well ... it seems that jumping around from network to network has scrambled my brains.

I could SWEAR that winipcfg showed '207.xxx.xxx.xxx' more than once ... and that's the address I was trying to allow, despite repeatedly removing '206.xxx.xxx.xxx' from hosts.deny and all that stuff. Whadda nooge!

Thank you for your patience, falko. Once I slapped the bad IP address out of my head, I could clearly see my correct IP in ALL of the WORK_DIR files ... except allowed-hosts, of course. Which explains why grepping for it never turned up anything ...

Have a great day!
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Denyhosts on CentOS 4.3 rawoo HOWTO-Related Questions 6 4th January 2007 15:08
Denyhosts on Ubuntu? Jcorrea920 HOWTO-Related Questions 16 6th December 2006 17:16
DenyHosts stop problem Jcorrea920 Server Operation 8 28th April 2006 22:10
How do I block an IP address from SSH? Jcorrea920 Installation/Configuration 2 19th March 2006 05:05


All times are GMT +2. The time now is 11:46.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.