similar to: ssh reverse DNS failure

https://bugzilla.mindrot.org/show_bug.cgi?id=2545 Bug ID: 2545 Summary: reverse DNS lookups shouldn't block login Product: Portable OpenSSH Version: 6.6p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at

On Mon, 23 Oct 2023 at 00:43, Thomas K?ller <thomas at koeller.dyndns.org> wrote: > There is a nasty problem when using hostbased authentication: Suggestions: - "host" does DNS lookups, but is your system's nsswitch.conf or equivalent actually configured to use DNS? - have you turned off DNS lookups in sshd with "UseDNS no" in sshd_config? - you could try

http://bugzilla.mindrot.org/show_bug.cgi?id=720 Summary: "UseDNS no" breaks public key login Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy:

https://bugzilla.mindrot.org/show_bug.cgi?id=2405 Bug ID: 2405 Summary: Description of UseDNS option is not accurate Product: Portable OpenSSH Version: 6.8p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Documentation Assignee:

http://bugzilla.mindrot.org/show_bug.cgi?id=549 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED ------- Additional Comments From djm at mindrot.org 2003-06-03 10:28

https://bugzilla.mindrot.org/show_bug.cgi?id=2554 Bug ID: 2554 Summary: UseDNS documentation is misleading Product: Portable OpenSSH Version: -current Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Documentation Assignee: unassigned-bugs at

Hi, I'm having a problem with ssh and sssd in a samba4 ad environment. If I logon a linux client everything works fine. When entering klist I'm able to see my ticket. When I try to connect/logon to another linux client with ssh it is possible, but klist shows: klist: Credentials cache file '/run/user/$UID$/krb5cc/tkt' not found. So the ticket cache is not created during

I'm running a mix of CentOS 5 and 6 servers reachable by ssh from the Internet. Of course I allow only public key authentication and no root login. In addition I'm running fail2ban to block obnoxious brute force attack sources. On CentOS 6 this is working pretty well, but on CentOS 5 there's one class of attacks fail2ban fails to ban. (No pun intended.) This isn't fail2ban's

https://bugzilla.mindrot.org/show_bug.cgi?id=1860 Summary: UseDNS option ignored Product: Portable OpenSSH Version: 5.6p1 Platform: All OS/Version: Other Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy: pavel.krejci at

I'm attaching a simple doc patch against current CVS - feel free to re-word it as you see fit. I also noticed that if UseDNS is no, HostbasedUsesNameFromPacketOnly _must_ be yes if you want HostbasedAuthentication to work. -- Carson -------------- next part -------------- --- sshd_config.5.DIST 2003-09-13 02:25:18.365707000 -0400+++ sshd_config.5 2003-09-13 02:46:29.430974000 -0400@@

According to the manpage: UseDNS Specifies whether sshd should look up the remote host name and check that the resolved host name for the remote IP address maps back to the very same IP address. The default is ``yes''. Thing is, while sshd *checks*, this doesn't actually control whether or not the client is allowed to connect, it seems at most to be an option that causes

I bought a very cheap server yesterday - an HP ProLiant micro server for 160 euro (280 euro with 120 cashback, for some reason). But I was surprised when I opened the box to find it didn't come with keyboard or mouse, and doesn't have the old keyboard/mouse sockets, but requires USB versions. Is that the norm nowadays? Is it possible to convert the old keyboard/mouse plugs? Also there is

can i setup a dns name server in my localmachine? thanks for any help!

There is a nasty problem when using hostbased authentication: [thomas at sarkovy ~]$ journalctl -l -f | grep -Fe 'sshd[' Okt 22 15:20:54 sarkovy sshd[35034]: userauth_hostbased mismatch: client sends htpc.koeller.dyndns.org, but we resolve 192.168.0.2 to 192.168.0.2 Okt 22 15:20:54 sarkovy sshd[35034]: Connection closed by authenticating user thomas 192.168.0.2 port 36284 [preauth] ^C

Hi, this is my first nut installation, i see lot of connection failure and when i tried the configuration removing the power chord from the ups i expected tha machine will power itslef down but this has not happened. I'm using nut 2.2.2-2 from debian lenny, ups is a mustek powermust 2000 with usb cable. All config files are root:nut and 640, i've had to add nut user to nut group

Hi People, As part of securing SSH we currently have UseDNS set to yes. But we are finding that a number of ISP's are deliberately refusing to configure matching forward and reverse DNS records. So I am wondering how many of you are still using this option?

On 17/11/16 16:34, Digimer wrote: > Edit /etc/ssh/sshd_config > > Set: > > UseDNS no > GSSAPIAuthentication no > > Save, restart sshd, try again. This will certainly stop the long timeout, but I prefer telling people to fix their DNS. The long timeout is indicative of a DNS issue and turning off DNS for ssh is just masking the real problem. I prefer to leave DNS on

All, Trying to figure out how to deal with, I assume, a dying disk that's unfortunately on / (ext3). Getting errors similar to: Dec 31 20:44:30 mybox kernel: hdb: dma_intr: status=0x51 { DriveReady SeekComplete Error } Dec 31 20:44:30 mybox kernel: hdb: dma_intr: error=0x40 { UncorrectableError }, LBAsect=163423, high=0, low=163423, sector=163360 Dec 31 20:44:30 mybox kernel: end_request:

Hello all, My logs get filled with bogus SSH connection attemps which I'd expect should have been denied without logging, so a couple of observations. Syslog has lots of entries like: Aug 29 02:23:31 otso sshd[21000]: reverse mapping checking getaddrinfo for powered.by.e-leven.be [78.110.207.104] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 29 02:23:31 otso sshd[21000]: Invalid user upload from

Any ideas on how asterisk could accept an email (such as an email to SMS or "number at mybox.org" sort of thing) and make a phone call to a specific number and make an announcement? I imagine the first part is the big question. joe a.