search for: sarkovy

There is a nasty problem when using hostbased authentication: [thomas at sarkovy ~]$ journalctl -l -f | grep -Fe 'sshd[' Okt 22 15:20:54 sarkovy sshd[35034]: userauth_hostbased mismatch: client sends htpc.koeller.dyndns.org, but we resolve 192.168.0.2 to 192.168.0.2 Okt 22 15:20:54 sarkovy sshd[35034]: Connection closed by authenticating user thomas 192.168.0.2 port 3...

...vice. This is my server configuration: AllowUsers = thomas root AuthenticationMethods hostbased,publickey ExposeAuthInfo = no ForceCommand none GSSAPIAuthentication no HostbasedAcceptedAlgorithms ssh-ed25519 HostbasedAuthentication yes HostbasedUsesNameFromPacketOnly yes HostKey /etc/ssh/host_key_sarkovy.koeller.dyndns.org_ed25519 IgnoreRhosts yes IgnoreUserKnownHosts yes KerberosAuthentication no ListenAddress = 192.168.0.1 ListenAddress = fd46:1ffa:d8e0::1 LogLevel VERBOSE PasswordAuthentication no PermitEmptyPasswords no PermitRootLogin yes PermitTTY yes PermitTunnel no PermitUserRC yes PubkeyAu...

On Mon, 23 Oct 2023 at 00:43, Thomas K?ller <thomas at koeller.dyndns.org> wrote: > There is a nasty problem when using hostbased authentication: Suggestions: - "host" does DNS lookups, but is your system's nsswitch.conf or equivalent actually configured to use DNS? - have you turned off DNS lookups in sshd with "UseDNS no" in sshd_config? - you could try