[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ssh to NATed box fails

On Fri, Jan 02, 2004 at 12:29:44AM +0000, Pigeon wrote:
> On Thu, Jan 01, 2004 at 10:02:36PM +0000, Colin Watson wrote:
> > Perhaps the remote end is configured with 'ALL: PARANOID' in hosts.deny,
> Can't check without going there :-) but I'm fairly sure this is the case,
> from memory.
> > and your reverse DNS is wrong? That's a common cause of ssh connections
> > failing in the manner you describe, since tcp-wrappers checks happen at
> > about that stage.
> Ah yes, reverse DNS is wrong - on the local end I get:
> pigeon@droitwichbox:~$ hostname
> droitwichbox.dyndns.org
> pigeon@droitwichbox:~$ host droitwichbox.dyndns.org
> droitwichbox.dyndns.org has address
> pigeon@droitwichbox:~$ host
> domain name pointer tnt-5-248.easynet.co.uk.
> pigeon@droitwichbox:~$ 
> ...so it looks like I need to temporarily reconfigure the local end's
> hostname according to the above result, and try again the next time the
> remote end comes online...

Tried it... # hostname tnt-9-92.easynet.co.uk (correct for this dialup

...but it fails in exactly the same way. So either

a) reconfiguring the local end's hostname is a flawed approach, or
b) there is a config problem other than ALL: PARANOID / broken reverse DNS
   at the remote end.

Is (a) true?


Be kind to pigeons
Get my GPG key here: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x21C61F7F

Attachment: pgpJipimXOB7s.pgp
Description: PGP signature

Reply to: