Re: How to stop SSH doing reverse lookup?
On Sat, 2 Apr 2005, Chuk Goodin wrote:
> I need to ssh into my machine from a certain computer and I always get
> a "No further authorization methods available" response. I can get to
i think you get that response when:
- you changed the system on either end of of the ssh connection
- you cannot ssh into that target machine for whatever reason
> Apr 1 08:32:28 localhost sshd[25266]: reverse mapping checking
> getaddrinfo for <ComputerX hostname> failed - POSSIBLE BREAKIN
> ATTEMPT!
reverse dns lookup is off by default??? ( at least sshd config from
openssh )
- if the reverse dns does not match the ip#, or if the reverse
dns info does not exist, it will simply ask that the reverse
ip and host info does NOT match .. and if you wish to continue
- mismatch of reverse dns does not prevent you from ssh'ing in
- very very common for people to have multiple names for a
machine and that the reverse dns entry for the ip# is only
one of the names ( MyPC vs www vs ns vs FavoritePet )
> putting SSH: <ComputerX hostname> in hosts.allow
use sshd ... but maybe ssh is working tooo if you cannot ssh in
removing ssh entries in hosts.allow will probaby let you
and the rest of the world back into that machine
> putting ALL: <ComputerX hostname> in hosts.allow
never use "ALL:" in hosts.allow, it's pointless as you're completely
exposed
> putting "ReverseMappingCheck no" in my sshd_config (got a log message
> saying that had been deprecated)
use a newer ssh ( better way ) or older one that is compatible
c ya
alvin
Reply to: