It appears as though sshd is logging hostnames rather than ip addresses. You are allowing "72.24.132.118" but it appears that "72-24-132-118.cpe.cableone.net" is being blocked which is (most likely) the same host but DenyHosts is adding the latter to /etc/hosts.deny. Once that's in there, DenyHosts doesn't have anything to do with the block, it's sshd.
You should probably configure your sshd server to log ip addresses and not perform hostname lookups. Alternatively, if you really need sshd to log hostnames then you might want to consider this feature: http://denyhosts.sourceforge.net/faq.html#3_8 Regards, Phil On Tue, 27 Oct 2009, Marconi wrote: > I have managed to ban the IP of my workstation yet again on my server. > > On my server: > > > smtp:/usr/share/denyhosts/data root# grep "72.24.132.118" * > allowed-hosts:72.24.132.118 > hosts:72-24-132-118.cpe.cableone.net:6:Tue Oct 27 03:15:18 2009 > hosts:72.24.132.118:318:Tue Aug 25 03:15:13 2009 > hosts-restricted:72-24-132-118.cpe.cableone.net:0:Mon Oct 26 10:48:59 2009 > hosts-restricted:72.24.132.118:0:Thu Jul 23 13:50:12 2009 > hosts-root:72-24-132-118.cpe.cableone.net:0:Mon Oct 26 10:48:59 2009 > hosts-root:72.24.132.118:0:Thu Jul 23 13:50:12 2009 > hosts-valid:72-24-132-118.cpe.cableone.net:0:Mon Oct 26 10:48:59 2009 > hosts-valid:72.24.132.118:0:Wed Jul 22 03:15:08 2009 > Binary file purge-history matches > sync-received:72.24.132.118:Tue Oct 27 04:31:11 2009 > smtp:/usr/share/denyhosts/data root# > > > What might be wrong with my configuration that causes 72.24.132.118 > to be banned**? > > Note: my server's sshd is configured to allow passwordless root > log-in using keys, no password. This works when using Terminal (OS X) > but when I try to use BBEdit, a text editor which has sftp > capability, it fails when trying to log in as root with no password. > That is, apparently, how my workstation IP gets banned -- trying to > log in as root via BBEdit. > > Strangely, BBEdit always asks for root's password even though is > should not need one. If anyone can shed light on that as well, it > would be appreciated. > > ** > Note that despite Denyhosts' 'banning' of my IP, I can still su to > root on my workstation and ssh to my server, connecting without a > password. > > > ------------------------------------------------------------------------------ > Come build with us! The BlackBerry(R) Developer Conference in SF, CA > is the only developer event you need to attend this year. Jumpstart your > developing skills, take BlackBerry mobile applications to market and stay > ahead of the curve. Join us from November 9 - 12, 2009. Register now! > http://p.sf.net/sfu/devconference > _______________________________________________ > Denyhosts-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/denyhosts-user > -- Regards, Phil Schwartz - http://www.phil-schwartz.com Open Source Projects: - DenyHosts: http://www.denyhosts.net - Kodos: http://kodos.sourceforge.net - ReleaseForge: http://releaseforge.sourceforge.net - Scratchy: http://scratchy.sourceforge.net - FAQtor: http://faqtor.sourceforge.net ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
