MBG, NuPoint SSH lockout

[fcutler]

Does Mitel Standard Linux block an IP address of a host after failed attempts to login via SSH? I know with the NuPoint server if you enter credentials incorrectly a number of times you'll get locked out and have to run /usr/bin/vm/unlocksona to unlock the account. What about the Mitel Border Gateway? If so how can this be reset or removed so a particular host has access again?

I created an account for security scans on the MBG and it is not able to connect from a particular IP address. I can use that account from other hosts so I know it is not a credential issue. Also about a week ago I was unable to SSH to the MBG from my computer for a day or two. I don't recall the PuTTY message when trying to connect, I think it said something like "connection refused". After a couple days however I tried again and was able to log in via SSH.

[Navarre]

In recent versions, MSL uses denyhosts.

]# cat /etc/denyhosts/denyhosts.cfg
#------------------------------------------------------------
#              !!DO NOT MODIFY THIS FILE!!
#
# Manual changes will be lost when this file is regenerated.
#
# Copyright (C) 1999-2010 Mitel Networks Corporation
#------------------------------------------------------------
BLOCK_SERVICE  = sshd
DENY_THRESHOLD_INVALID = 5
DENY_THRESHOLD_VALID = 10
DENY_THRESHOLD_ROOT = 10
DENY_THRESHOLD_RESTRICTED = 5
HOSTNAME_LOOKUP = NO
HOSTS_DENY = /etc/hosts.blocked
LOCK_FILE = ./supervise/lockfile
PURGE_DENY = 5d
RESET_ON_SUCCESS = yes
SECURE_LOG = /var/log/sshd/current
SSHD_FORMAT_REGEX = @.*? (?P<message>.*)
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
WORK_DIR = /usr/share/denyhosts/data

So it takes 10 attempts to be locked out, I believe.

Look at /etc/hosts.blocked.

[fcutler]

Thanks Navarre, that was it. I looked at the denyhosts file but nothing was there. The IP was in the hosts.blocked file however. Cheers!