search for: usedns

http://bugzilla.mindrot.org/show_bug.cgi?id=720 Summary: "UseDNS no" breaks public key login Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org...

https://bugzilla.mindrot.org/show_bug.cgi?id=2405 Bug ID: 2405 Summary: Description of UseDNS option is not accurate Product: Portable OpenSSH Version: 6.8p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Documentation Assignee: unassigned-bugs at mindrot.o...

https://bugzilla.mindrot.org/show_bug.cgi?id=2554 Bug ID: 2554 Summary: UseDNS documentation is misleading Product: Portable OpenSSH Version: -current Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Documentation Assignee: unassigned-bugs at m...

According to the manpage: UseDNS Specifies whether sshd should look up the remote host name and check that the resolved host name for the remote IP address maps back to the very same IP address. The default is ``yes''. Thing is, while sshd *checks*, this doesn't actually control whether or not the client is allowe...

https://bugzilla.mindrot.org/show_bug.cgi?id=1860 Summary: UseDNS option ignored Product: Portable OpenSSH Version: 5.6p1 Platform: All OS/Version: Other Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy: p...

https://bugzilla.mindrot.org/show_bug.cgi?id=1860 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |WORKSFORME Status|NEW |RESOLVED --- Comment #6 from Damien Miller <djm at

http://bugzilla.mindrot.org/show_bug.cgi?id=682 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WONTFIX ------- Additional Comments From djm at mindrot.org 2004-03-30 16:15

Hi All, All of my systems are running 5.4 x64. The are all AMD x64 processors with at least 2gb of RAM in each. I am running SSH on a non standard port. When I SSH into ANY of my systems, I get prompted for my password right away, but after entering, it takes 30+ seconds to get logged in and get a prompt so I can work. I dont quite know what to look for here Does anyone have thoughts? -Jason

...pping=false krb5_keytab=/etc/krb5.keytab And sshd with to following sshd_config: AuthorizedKeysFile .ssh/authorized_keys PasswordAuthentication no GSSAPIAuthentication yes GSSAPICleanupCredentials yes GSSAPIStrictAcceptorCheck no GSSAPIStoreCredentialsOnRekey yes UsePAM yes X11Forwarding yes UseDNS no Subsystem sftp /usr/lib/ssh/sftp-server AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL /etc/pam.d/sshd directs to the default pam.d configurations. -- V...

Hello, I'm trying to set up an sftp (sshfs) service accessible to users with a normal account on a server, but which would be restricted to a subset of the directory hierarchy normally accessible to the users in question, in practice a single directory. The idea would be to allow file access to this directory with a passwordless public key, but keep rest of the users file accessible only with

....c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c] [canohost.c monitor.c servconf.c servconf.h session.c sshd_config] [sshd_config.5] deprecate VerifyReverseMapping since it's dangerous if combined with IP based access control as noted by Mike Harding; replace with a UseDNS option, UseDNS is on by default and includes the VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@ ok deraadt@, djm@ Switch UseDNS off if you don't want any DNS lookups. ------- You are receiving this mail because: ------- You are the assignee for the bug, or...

I'm attaching a simple doc patch against current CVS - feel free to re-word it as you see fit. I also noticed that if UseDNS is no, HostbasedUsesNameFromPacketOnly _must_ be yes if you want HostbasedAuthentication to work. -- Carson -------------- next part -------------- --- sshd_config.5.DIST 2003-09-13 02:25:18.365707000 -0400+++ sshd_config.5 2003-09-13 02:46:29.430974000 -0400@@ -245,6 +245,16 @@ and applies to...

Can I adjust the ssh daemon to log IP addresses instead of hostnames? I assume this situation is feasible... * 10.10.10.10 attempts to ssh to the server * reverse dns resolves to "somehost.domain.com" * ssh daemon logs "somehost.domain.com" in messages * foward dns on "somehost.domain.com" resolves to 10.10.10.20 Thus it causes some of my scripts a problem if the

...OS: All Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter: bugzilla.mindrot.org at beej.org sshd currently blocks on doing a reverse DNS lookup during login when UseDNS is yes. this normally doesn't present a problem, but broken or misconfigured resolvers and servers can cause a 20-second penalty to sshd users. sshd should do the name resolution in a non-blocking way. see https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/424371 -- You are receiving t...

https://bugzilla.mindrot.org/show_bug.cgi?id=1667 Summary: sshd slow connect with 'UseDNS yes' Product: Portable OpenSSH Version: 5.2p1 Platform: All OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy: brian.p....

I'm running a mix of CentOS 5 and 6 servers reachable by ssh from the Internet. Of course I allow only public key authentication and no root login. In addition I'm running fail2ban to block obnoxious brute force attack sources. On CentOS 6 this is working pretty well, but on CentOS 5 there's one class of attacks fail2ban fails to ban. (No pun intended.) This isn't fail2ban's

Hi. For a long time I am puzzled why, when internet connection is gone (beyond first router, outside of subnet) SSH (and telnet?) connection is drastically slowed. Same behavior, but less impacted is observed when system boots without working internet connection, and I am not sure, but I think even access to SAMBA fileshares can be/is affected. Affected systems are mostly production

On 17/11/16 16:34, Digimer wrote: > Edit /etc/ssh/sshd_config > > Set: > > UseDNS no > GSSAPIAuthentication no > > Save, restart sshd, try again. This will certainly stop the long timeout, but I prefer telling people to fix their DNS. The long timeout is indicative of a DNS issue and turning off DNS for ssh is just masking the real problem. I prefer to leave DNS on...

...t;thomas at koeller.dyndns.org> wrote: > There is a nasty problem when using hostbased authentication: Suggestions: - "host" does DNS lookups, but is your system's nsswitch.conf or equivalent actually configured to use DNS? - have you turned off DNS lookups in sshd with "UseDNS no" in sshd_config? - you could try setting "HostbasedUsesNameFromPacketOnly yes" in sshd_config. -- Darren Tucker (dtucker at dtucker.net) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA Good judgement comes with experience. Unfortunately, the experience...

http://bugzilla.mindrot.org/show_bug.cgi?id=859 Summary: getaddrinfo(host, "0", &hints, &res) may take extra cycles Product: Portable OpenSSH Version: 3.8p1 Platform: All OS/Version: other Status: NEW Severity: normal Priority: P2 Component: Miscellaneous