Denyhosts does not handle the new log format introduced in OpenSSH 4.4 for login attempts involving users not in the AllowUsers, thus it can't block such attempts. Reproducible: Always Steps to Reproduce: 1. Disable root login for ssh (sshd_config, "PermitRootLogin no") 2. Try to log in with root user through ssh Actual Results: Running denyhosts, regex error reported on the login attempt with not allowed user. Expected Results: After reaching the threshold, it should add the host to /etc/hosts.deny, and report it in the denyhosts logfile.
Created attachment 114852 [details, diff] [PATCH] proposed patch for the bug Adds regex for the new log format.
take this upstream please.