From owner-freebsd-questions@FreeBSD.ORG Fri Nov 21 18:27:18 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 74C1C1065672 for ; Fri, 21 Nov 2008 18:27:18 +0000 (UTC) (envelope-from jalmberg@identry.com) Received: from mx1.identry.com (on.identry.com [66.111.0.194]) by mx1.freebsd.org (Postfix) with ESMTP id 003538FC17 for ; Fri, 21 Nov 2008 18:27:17 +0000 (UTC) (envelope-from jalmberg@identry.com) Received: (qmail 91458 invoked by uid 89); 21 Nov 2008 18:27:17 -0000 Received: from unknown (HELO ?192.168.1.110?) (jalmberg@75.127.142.66) by mx1.identry.com with ESMTPA; 21 Nov 2008 18:27:17 -0000 Mime-Version: 1.0 (Apple Message framework v753.1) In-Reply-To: References: Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <9861B7B6-D22D-47D9-8899-8650FD3CC555@identry.com> Content-Transfer-Encoding: 7bit From: John Almberg Date: Fri, 21 Nov 2008 13:27:14 -0500 To: freebsd-questions@freebsd.org X-Mailer: Apple Mail (2.753.1) Subject: Re: rsync throwing odd error X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Nov 2008 18:27:18 -0000 On Nov 21, 2008, at 12:50 PM, John Almberg wrote: > This is the week for strange problems... > > I use rsync to copy tinydns data files to backup name servers. This > has been working for about a year with no problem. Suddenly, I am > getting odd errors: > > /usr/local/bin/rsync -az -e 'ssh ' data.cdb admin@qu.example.com:/ > usr/local/etc/tinydns/root/data.cdb > channel 1: open failed: administratively prohibited: open failed > > The rsync does work. That is, the file is copied over. So this is > actually a warning, I guess. > > On the other server, the one the file is being copied TO, the > following is printed in /var/log/auth.log > > Nov 21 12:43:38 qu sshd[4604]: Address 67.111.0.194 maps to > on.example.com, but this does not map back to the address - > POSSIBLE BREAK-IN ATTEMPT! > Nov 21 12:43:38 qu sshd[4604]: Accepted publickey for root from > 67.111.0.194 port 55777 ssh2 > > I'm guessing this is some sort of DNS mis-match, but I don't quite > grasp what the problem could be. Ahhhh... a reverse DNS problem! Sorry for the dumb question, but it's amazingly helpful to just write down the question clear enough for the group. It frequently clarifies the problem to the point where the answer becomes obvious, even to a newbie like me. DNS had been delegated to this server, but now that seems to be no longer working, so the reverse DNS look up is all wrong. That makes sense... an external change by the colo guys must have triggered this. Will get on to them, and that should short this problem out. -- John