Every IP which logs in with ssh is being written to the hosts-restricted file, which has its own default deny value in the config DENY_THRESHOLD_RESTRICTED. If this value is lower is negates DENY_THRESHOLD_INVALID.
As another user, it's not clear to me what issue is being reported here. Are you saying that the behavior is different than described here http://denyhosts.sourceforge.net/faq.html#2_17 ?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
All IPs logging in are being added the restricted-usernames file automatically. If they are successful, they are being added as well.
DENY_THRESHOLD_RESTRICTED - (New in v2.1) Applies to the optionally defined usernames in WORK_DIR/restricted-usernames. See restricted users for more details.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Yes it is different than http://denyhosts.sourceforge.net/faq.html#2_17 . The faq says you can add hosts to the file hosts-restricted. Run a script to get a list to paste to the file. No where does it mentions, that this file is being modified on the fly by the program itself. In this case, every IP which logs is added to this file.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Logged In: YES
user_id=618715
Originator: NO
As another user, it's not clear to me what issue is being reported here. Are you saying that the behavior is different than described here http://denyhosts.sourceforge.net/faq.html#2_17 ?
Logged In: NO
All IPs logging in are being added the restricted-usernames file automatically. If they are successful, they are being added as well.
DENY_THRESHOLD_RESTRICTED - (New in v2.1) Applies to the optionally defined usernames in WORK_DIR/restricted-usernames. See restricted users for more details.
Logged In: NO
Yes it is different than http://denyhosts.sourceforge.net/faq.html#2_17 . The faq says you can add hosts to the file hosts-restricted. Run a script to get a list to paste to the file. No where does it mentions, that this file is being modified on the fly by the program itself. In this case, every IP which logs is added to this file.
This appears to be a narrower case of https://sourceforge.net/p/denyhosts/bugs/43/
Other discussion here: http://serverfault.com/q/647153/310481
This SF DenyHosts project is currently unmaintained - please see followups to this bug under the GitHub denyhosts project https://github.com/denyhosts/denyhosts/issues/48
Last edit: Daniel Sutcliffe 2015-10-02