Denyhosts blocking router IP
I've been using the denyhosts software for about 8 months to block IPs that are trying to connect to my network that shouldn't be. I'm having trouble with it today for the first time and I can't track down the issue.
It is installed on the main server which is the outside IP for the network as well. This should allow me to SSH to the hostname/network IP, or the NAT IP as well. It worked fine up until this morning when I started to work on an ftp server, as far as I know I didn't make any changes that should cause problems.
hosts.deny starts with no 192.x.x.x addresses in it.
In allowed-hosts for denyhosts I have entered 192.168.1.1 so that the router should never get blocked.
I can SSH to the hostname perfectly fine, connection doesn't drop or anything.
If I SSH to the NAT address the connection hangs there while the IP address gets added to hosts.deny
I can confirm 100% that I was able to SSH to my NAT from within the network with no problem, now it seems to throw the router IP into hosts.deny if I try to connect from within the network using the NAT.
Here is the error that I get in /var/log/secure
sshd[9272]: Did not receive identification string from 192.168.1.1
I did update my system recently which may have changed the way some files behave, I will try updating Denyhosts as well. It looked like the address being blocked was an IPv6 since it was showing as:
sshd[9201]: refused connect from ::ffff:192.168.1.1 (::ffff:192.168.1.1)
I added ::ffff:192.168.1.1 to allowed-hosts and the IPv4 address wasn't added to the hosts.deny the last time I tried.
Last edited by Myiagros; 07-09-2010 at 11:26 AM.
Reason: more info added
|