Date: Wed, 16 Mar 2005 08:30:28 -0600
From: Jacob S <stormspotter@6Texans.net>
To: freebsd-questions@freebsd.org
Subject: Re: sshd behaviour
Message-ID: <20050316083028.6929137b@jacob.6texans.net>
In-Reply-To: <20050316074108.GA18643@mccme.ru>
References: <20050316074108.GA18643@mccme.ru>

On Wed, 16 Mar 2005 10:41:09 +0300
"Eugene M. Minkovskii" <emin@mccme.ru> wrote:

> Hi. I see strange to me behaviour of sshd. Please tell me is it
> bug or feature?
>
> I use following network configuration:
>
> #######    ###########    ##########
> # LAN # -> # gateway # -> # router #
> #######    ###########    ##########
>
> Gateway machine has sshd. Normally I work from LAN on the gateway
> good. But when connection with provider's router broken:
>
> #######    ###########      ##########
> # LAN # -> # gateway # -X-> # router #
> #######    ###########      ##########
>
> I can't login from LAN to gateway. Moreover, I can't login from
> gateway to itself, using loop interface. But other Network
> services working good. For example, I can do
> # telnet gateway 25
> from LAN.

I've seen this same behavior on a 5.3 server when Bind crashes/gets
messed up by cPanel. I suspect the problem is ssh trying to do a reverse
DNS lookup, which doesn't time out until the login has timed out as well.
In my case I can see a fast response from the server if I telnet to it
on port 22, but I never get the password prompt. The logfiles also show
login timeouts when I'm finally able to log in again.

You might try setting "UseDNS no" in /etc/ssh/sshd_config. I believe
this will still make it record the IP used for login, but it won't try
and do a reverse DNS lookup on the IP.

HTH,
Jacob

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050316083028.6929137b>
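
Added example, not part of the original message: a shell check that reads an sshd_config and reports the UseDNS and LoginGraceTime values that would apply, for confirming whether logins can stall on reverse DNS as described above. The function names and the sample config are constructed for illustration; it assumes sshd takes the first value it finds for a keyword and matches keywords case-insensitively.

```shell
#!/bin/sh
# Print the first global value of KEYWORD ($1) in FILE ($2), or "unset".
# Commented-out lines are ignored and parsing stops at the first Match
# block, so only settings that apply to every connection are reported.
sshd_first_value() {
    awk -v want="$1" '
        BEGIN { want = tolower(want); val = "unset" }
        { sub(/#.*/, ""); sub(/=/, " ") }      # drop comments, allow key=value
        NF == 0 { next }
        tolower($1) == "match" { exit }
        tolower($1) == want && NF >= 2 { val = $2; exit }
        END { print val }
    ' "$2"
}

# Return 0 when reverse lookups are explicitly disabled, 1 otherwise.
check_usedns() {
    usedns=$(sshd_first_value UseDNS "$1")
    grace=$(sshd_first_value LoginGraceTime "$1")
    case "$usedns" in
        [Nn][Oo])
            echo "$1: UseDNS=$usedns, logins do not wait on reverse DNS"
            return 0 ;;
        *)
            echo "$1: UseDNS=$usedns LoginGraceTime=$grace," \
                 "a slow resolver can stall logins until the grace time expires"
            return 1 ;;
    esac
}

# Constructed sample config (not taken from any real host).
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
Port 22
#UseDNS yes
LoginGraceTime 2m
usedns no
UseDNS yes
EOF

check_usedns "$sample" || true
```

Run it against /etc/ssh/sshd_config by calling check_usedns with that path; sshd has to reload its configuration before a changed value takes effect.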