To remove a host that denyhosts has banned
Posted on | May 13, 2009 | 4 Comments
Denyhosts is a utility that automatically bans IPs who attempt to ssh in to your server and get three wrong passwords. This is great when people are dictionary-attacking your SSH server, but less good when you have actual users who might get their password wrong.
The FAQ for denyhosts says how to fix this if it happens and your users are banned, but it’s a bit faffy, so I’m putting my script here. It works for me, it may screw your life up. Backups are your friend.
#/bin/sh
REMOVE=$1
/etc/init.d/denyhosts stop
cd /var/lib/denyhosts
for THISFILE in hosts hosts-restricted hosts-root hosts-valid users-hosts;
do
mv $THISFILE /tmp/;
cat /tmp/$THISFILE | grep -v $REMOVE > $THISFILE;
rm /tmp/$THISFILE;
done;
mv /etc/hosts.deny /tmp/
cat /tmp/hosts.deny | grep -v $REMOVE > /etc/hosts.deny;
rm /tmp/hosts.deny
/etc/init.d/denyhosts start
Needs to run as root or someone with access to all denyhost’s files (plus hosts.deny).
Comments
4 Responses to “To remove a host that denyhosts has banned”
Lifestream
Google Reader Shared Items
- Coding Horror: A Visual Explanation of SQL Joins (www.codinghorror.com)
- TaskRabbit: new part-time work for people without jobs (Christian Science Monitor | All Stories)
- Installing Rails 3 on Ubuntu (web2linux.com)
- How Programmer Reacts On Different Situations (Cartoon Strip) (Free and Useful Online Resources for Designers and Developers)
- A Softer World: 581 (A Softer World)
Recent Comments
- David: Oh, it would also be best to use `mktemp` to create temporary files. Stops people succeeding when they attempt...
- David: I have this problem with git repositories — or revision-control in question — too: I keep...
- Alex: I need one of those for SVN….
- Ben: “Neverwinter features co-operative multiplayer in an ever-evolving, persistent world where Dungeons &...
- Aquarion: There is, though Mr Lynch got whacked with the depression stick a little while ago, so it’s been...
May 14th, 2009 @ 9:39 am
I use this:
http://dwm.me.uk/articles/2008/mitigating-ssh-attacks
It works, and doesn’t require any maintenance.
May 20th, 2009 @ 7:55 am
Hi,
thanks for a great script! This is the version of your script if you install DenyHosts from source (for instance on Slackware :)).
I hope it helps someone :)
#/bin/sh
REMOVE=$1
/usr/share/denyhosts/daemon-control stop
cd /usr/share/denyhosts/data
for THISFILE in hosts hosts-restricted hosts-root hosts-valid users-hosts;
do
mv $THISFILE /tmp;
cat /tmp/$THISFILE | grep -v $REMOVE > $THISFILE;
rm /tmp/$THISFILE;
done;
mv /etc/hosts.deny /tmp/
cat /tmp/hosts.deny | grep -v $REMOVE > /etc/hosts.deny;
rm /tmp/hosts.deny
/usr/share/denyhosts/daemon-control start
July 6th, 2009 @ 7:26 am
Works like a charm, Although I added users-valid to the list.
Thanks Alot!!
May 10th, 2010 @ 12:36 pm
Thanks for this great Script!