DenyHosts: Remove / Delete an IP address

I‘ve followed your guide and installed denyhosts to protect on my RedHat 5.3 OpenSSH based server. However, I’ve been accidentally blocked out from my home ADSL IP address. I tried removing my blocked IP from /etc/hosts.deny, but it did blocked it again quickly. It appears that DenyHosts keeps track of the attempts somewhere on disk or memory. How do I remove my own home IP address from DenyHosts?

Simply removing your IP from /etc/hosts.deny does not work since DenyHosts keeps track of the attempts in the /usr/share/denyhosts/data directory. In order to remove your IP address you will need to do the following.

Step # 1: Stop DenyHosts

# /etc/init.d/denyhosts stop

Step # 2: Remove Your IP From /etc/hosts.deny

# vi /etc/hosts.deny
Delete your IP address. Save and close the file.

Step # 3: Remove Your IP From /usr/share/denyhosts/data Directory

Cd to /usr/share/denyhosts/data
# cd /usr/share/denyhosts/data
You need to edit the following files using vi and remove the lines containing the IP address. Save the file.

  1. hosts
  2. hosts-restricted
  3. hosts-root
  4. hosts-valid
  5. users-hosts

If you’ve static IP address add to allowed-hosts file. Any IP address that appears in this file will not be blocked by default (consider this as a whilelist):
# echo '1.2.3.4' >> allowed-hosts

Step # 4: Start DenyHosts

# /etc/init.d/denyhosts start

Recommend Readings:

  1. Debian Linux Stop SSH User Hacking / Cracking Attacks with DenyHosts Software
  2. Top 20 OpenSSH Server Best Security Practices
  3. Denyhosts project

Posted by: SXI ADMIN

The author is the creator of SXI LLC and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.