Date: Fri, 3 Jan 2003 23:22:51 -0600 From: Hari Bhaskaran <subscr@spider.netmails.net> To: freebsd-questions@freebsd.org Subject: sshd and reverse lookups Message-ID: <20030103232251.A86924@spider.netmails.net>
next in thread | raw e-mail | index | archive | help
Hi, (while I play around with dummynet, I have yet another q :) I can't seem to avoid the initial login delay for sshd. I have turned off reverse lookup - "VerifyReverseMapping no". I don't use inetd - even then, hosts.allow has only one - "ALL : ALL : allow". I have an ipfilter firewall which lets only one tcp port for ssh in (from select IPs). I see the question has been asked before http://docs.freebsd.org/cgi/getmsg.cgi?fetch=2697694+0+archive/2002/freebsd-questions/20021117.freebsd-questions However, I didn't see any answers there. /etc/rc.conf: sshd_flags="-4 -u0" inetd_enable="NO" I have turned off RhostsAuthentication, RhostsRSAAuthentication, HostbasedAuthentication No user@host pattern in AllowUsers and DenyUsers - Things that would have required reverse DNS lookup according to man page. An ssh 3.4p1 client running from a different machine with couple of -v's gives debug1: got SSH2_MSG_SERVICE_ACCEPT <--- A delay of almost 1 to 2 minutes. debug3: input_userauth_banner I use the 'Banner' thing at the server - that is the debug3 line. I have tried with & without the banner (just being paranoid) but still the same result. Any help is appreciated -- Hari Bhaskaran To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030103232251.A86924>