similar to: [Bug 2545] New: reverse DNS lookups shouldn't block login

http://bugzilla.mindrot.org/show_bug.cgi?id=720 Summary: "UseDNS no" breaks public key login Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy:

https://bugzilla.mindrot.org/show_bug.cgi?id=1667 Summary: sshd slow connect with 'UseDNS yes' Product: Portable OpenSSH Version: 5.2p1 Platform: All OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

I use dyndns's (free) service to access a remote machine with a dynamic IP address. The machine is running under CentOS-6.0. I can ssh into the address given me by dyndns (*.homelinux.com), but when I do this I get the warning "reverse mapping checking getaddrinfo for" * "failed - POSSIBLE BREAK-IN ATTEMPT!" This doesn't really matter, as I normally use OpenVPN for

http://bugzilla.mindrot.org/show_bug.cgi?id=549 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED ------- Additional Comments From djm at mindrot.org 2003-06-03 10:28

https://bugzilla.mindrot.org/show_bug.cgi?id=2405 Bug ID: 2405 Summary: Description of UseDNS option is not accurate Product: Portable OpenSSH Version: 6.8p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Documentation Assignee:

On Mon, 23 Oct 2023 at 00:43, Thomas K?ller <thomas at koeller.dyndns.org> wrote: > There is a nasty problem when using hostbased authentication: Suggestions: - "host" does DNS lookups, but is your system's nsswitch.conf or equivalent actually configured to use DNS? - have you turned off DNS lookups in sshd with "UseDNS no" in sshd_config? - you could try

https://bugzilla.mindrot.org/show_bug.cgi?id=2554 Bug ID: 2554 Summary: UseDNS documentation is misleading Product: Portable OpenSSH Version: -current Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Documentation Assignee: unassigned-bugs at

Hi, I'm having a problem with ssh and sssd in a samba4 ad environment. If I logon a linux client everything works fine. When entering klist I'm able to see my ticket. When I try to connect/logon to another linux client with ssh it is possible, but klist shows: klist: Credentials cache file '/run/user/$UID$/krb5cc/tkt' not found. So the ticket cache is not created during

I'm running a mix of CentOS 5 and 6 servers reachable by ssh from the Internet. Of course I allow only public key authentication and no root login. In addition I'm running fail2ban to block obnoxious brute force attack sources. On CentOS 6 this is working pretty well, but on CentOS 5 there's one class of attacks fail2ban fails to ban. (No pun intended.) This isn't fail2ban's

https://bugzilla.mindrot.org/show_bug.cgi?id=1860 Summary: UseDNS option ignored Product: Portable OpenSSH Version: 5.6p1 Platform: All OS/Version: Other Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy: pavel.krejci at

I'm attaching a simple doc patch against current CVS - feel free to re-word it as you see fit. I also noticed that if UseDNS is no, HostbasedUsesNameFromPacketOnly _must_ be yes if you want HostbasedAuthentication to work. -- Carson -------------- next part -------------- --- sshd_config.5.DIST 2003-09-13 02:25:18.365707000 -0400+++ sshd_config.5 2003-09-13 02:46:29.430974000 -0400@@

According to the manpage: UseDNS Specifies whether sshd should look up the remote host name and check that the resolved host name for the remote IP address maps back to the very same IP address. The default is ``yes''. Thing is, while sshd *checks*, this doesn't actually control whether or not the client is allowed to connect, it seems at most to be an option that causes

http://bugzilla.mindrot.org/show_bug.cgi?id=1290 Summary: sshd dies if passed host key with relative path on command line Product: Portable OpenSSH Version: 4.5p1 Platform: All OS/Version: FreeBSD Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at

Hi People, As part of securing SSH we currently have UseDNS set to yes. But we are finding that a number of ISP's are deliberately refusing to configure matching forward and reverse DNS records. So I am wondering how many of you are still using this option?

On 17/11/16 16:34, Digimer wrote: > Edit /etc/ssh/sshd_config > > Set: > > UseDNS no > GSSAPIAuthentication no > > Save, restart sshd, try again. This will certainly stop the long timeout, but I prefer telling people to fix their DNS. The long timeout is indicative of a DNS issue and turning off DNS for ssh is just masking the real problem. I prefer to leave DNS on

Hello all, My logs get filled with bogus SSH connection attemps which I'd expect should have been denied without logging, so a couple of observations. Syslog has lots of entries like: Aug 29 02:23:31 otso sshd[21000]: reverse mapping checking getaddrinfo for powered.by.e-leven.be [78.110.207.104] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 29 02:23:31 otso sshd[21000]: Invalid user upload from

Hi, I am trying to configure OpenSSH to allow root logins, without success so far. So I could really use some advice. This is my server configuration: AllowUsers = thomas root AuthenticationMethods hostbased,publickey ExposeAuthInfo = no ForceCommand none GSSAPIAuthentication no HostbasedAcceptedAlgorithms ssh-ed25519 HostbasedAuthentication yes HostbasedUsesNameFromPacketOnly yes HostKey

Hello, I am having a very aggrivating problem, and I will try and provide all of the necessary information. I have openssh-3.7.1p2 with openssl-0.9.6k installed on Solaris 8. Here is what I've been able to determine so far: 1. Local account authentication works fine (non-NIS+). 1a. NIS+ is running at security level 2 2. Telnet authentication works fine. 2a. When I use the SSH client,

Greetings, I am using OpenSSH 4.7 and trying to use a middle machine to do reverse shell. The error I run into is the destination says getsockopt TCP_NODELAY: Connection reset by peer. The setup: 3 machines (we can call them A,B,C) with QNX Neutrino I would like machine C to be the destination. So we have A can talk to B, and B can talk to C, but A can not talk to C directly. What I am

Hi, I am not sure this is a bug in Openssh or not. I am running Openssh 4.1p1. with openssl 0.9.7g Scenario: Due to audit enabled on the system, I will need to set Uselogin to yes so that audit will track system call. But when try to login to system with a LDAP user. I get the following. eg: [n113839 at r3ent15pc ~]$ ssh tfstst1 -l ntesting1 ntesting1 at tfstst1's password: Login incorrect