In my hosts.allow file, I control my SSHD access by allowing my own IP's then denying sshd to all at the end of the file..
(something like this
sshd : MY.IP.GOES.HERE : allow
#All SSH from My IP
sshd : ALL : deny
#Deny access from all other IPs
On 2 of my 5 services, for some reason, IP's automatically keep getting added to the top of the file... and the file ends up looking like this:
# DenyHosts: Fri Apr 16 11:31:39 2010 | ALL: 201.21.179.103
ALL : 201.21.179.103 : allow
sshd : MY.IP.GOES.HERE : allow
#All SSH from My IP
sshd : ALL : deny
#Deny access from all other IPs
I dont know why they are being added to hosts.allow (i thought thats what hosts.deny was for), but either way, it says the program DenyHosts is adding it, and its adding it with the "allow" command instead of deny. I figured these IP's were coming from the brute force protection, but Im probably wrong.
Whats weird is only 2 of my 5 servers do this. On my other 3 servers, hosts.allow stays un-modified. ( I tend to keep all my servers setup the exact same way) This is causing problems for me cause when my IP address changes from my ISP, I have to login to WHM to change my IP on the Host Access Control page, and when these IP addresses get added automatically, it takes about 5 minutes for this page to load because of how many new IP's are listed. Once I modify my IP, I can ssh in and I manually remove all the new entries in the hosts.allow file.
Im running cPanel 11.25.0-R44718 - WHM 11.25.0 - X 3.9
CENTOS 5.4 i686 standard
Any ideas?
(something like this
sshd : MY.IP.GOES.HERE : allow
#All SSH from My IP
sshd : ALL : deny
#Deny access from all other IPs
On 2 of my 5 services, for some reason, IP's automatically keep getting added to the top of the file... and the file ends up looking like this:
# DenyHosts: Fri Apr 16 11:31:39 2010 | ALL: 201.21.179.103
ALL : 201.21.179.103 : allow
sshd : MY.IP.GOES.HERE : allow
#All SSH from My IP
sshd : ALL : deny
#Deny access from all other IPs
I dont know why they are being added to hosts.allow (i thought thats what hosts.deny was for), but either way, it says the program DenyHosts is adding it, and its adding it with the "allow" command instead of deny. I figured these IP's were coming from the brute force protection, but Im probably wrong.
Whats weird is only 2 of my 5 servers do this. On my other 3 servers, hosts.allow stays un-modified. ( I tend to keep all my servers setup the exact same way) This is causing problems for me cause when my IP address changes from my ISP, I have to login to WHM to change my IP on the Host Access Control page, and when these IP addresses get added automatically, it takes about 5 minutes for this page to load because of how many new IP's are listed. Once I modify my IP, I can ssh in and I manually remove all the new entries in the hosts.allow file.
Im running cPanel 11.25.0-R44718 - WHM 11.25.0 - X 3.9
CENTOS 5.4 i686 standard
Any ideas?
