sshd dieing? after applying FreeBSD-SA-03:12.openssh

Devon Sean McCullough FreeBSD-2005 at Jovi.Net
Sat Apr 23 09:02:13 PDT 2005


   Date: Sat, 23 Apr 2005 00:11:19 -0400
   From: Lucas Holt <luke at foolishgames.com>

   As I recall there is an option in the openssh config file in recent 
   versions to disable DNS lookups.

Thank you for pointing that out!

FreeBSD-5.3 supports workaround # sshd -o UseDNS=no
but older servers do not.

An older workaround # echo hosts: files >> /etc/nsswitch.conf
disables DNS on the entire server.  I know /etc/host.conf
controlled host lookups, now vanished with no trace.
I guess /etc/hosts lacks reverse lookups.

		Peace
			--Devon
	 /~\
	 \ /	Health Care
	  X	not warfare
	 / \

	Dubya won the digital vote
	Kerry won the popular vote

PS: Oh no, I exposed my real mailbox to spammers harvesting the
FreeBSD lists, ugh, time for a new domain and a smarter mailer.

Subject: Re: sshd dieing? after applying FreeBSD-SA-03:12.openssh
Date: Sat, 23 Apr 2005 00:11:19 -0400
From: Lucas Holt <luke at foolishgames.com>
In-Reply-To: <200504201335.j3KDZMZ4086059 at grant.org>

As I recall there is an option in the openssh config file in recent 
versions to disable DNS lookups.

On Apr 20, 2005, at 9:35 AM, FreeBSD-2005 at Jovi.Net wrote:

> In the future, please do as I did and publish whatever solution you find,
> my answer was somewhat lame but worked for me and will help the next guy.
> To the SSH server /etc/hosts I added the client machine, now when it gets
> to debug1: got SSH2_MSG_SERVICE_ACCEPT it hangs for only 75 seconds.
>
> 		Peace
> 			--Devon
>
> From: "Steven Hartland" <killing at multiplay.co.uk>
> Cc: <security-advisories at freebsd.org>, <freebsd-hackers at freebsd.org>,
> 	<FreeBSD-2005 at Jovi.Net>, <killing at BarrysWorld.com>
> Date: Wed, 20 Apr 2005 14:07:21 +0100
>
> Sorry I don't remember the solution we came up with. It was a long time
> ago. I think it was to do with DNS invalid / broken DNS or something
> like that but I couldn't say for sure.
>
>     Regards
>     Steve
> ----- Original Message -----
> From: <FreeBSD-2005 at Jovi.Net>
>>
>> This trouble hit me yesterday, 2005 Apr 19 Tue, Google led me to
>> someone else with the exact same trouble.  What use to ask the net
>> if nobody publishes an ANSWER?  A good netizen does the right thing.
>> By citing the original question, I create a link to a possible answer.
>

Lucas Holt
Luke at FoolishGames.com
________________________________________________________
FoolishGames.com  (Jewel Fan Site)
JustJournal.com (Free blogging)
FoolishGames.net (Enemy Territory IoM site)
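
An added example, not part of the original thread: a Python check for whether a slow reverse lookup of the client address lines up with the sshd hang described above, and whether UseDNS is actually off in a given sshd_config. The function names, verdict labels, the `default` parameter and the sample config are assumptions made for this example.

```python
import socket
import time

# Constructed sample in sshd_config format; not taken from the thread.
SAMPLE_CONFIG = """\
# UseDNS yes
Port 22
usedns=no
UseDNS yes
"""

def effective_usedns(config_text, default):
    """UseDNS as sshd would read it: first value wins, keyword case-insensitive."""
    for raw in config_text.splitlines():
        parts = raw.split("#", 1)[0].replace("=", " ", 1).split()
        if not parts:
            continue
        keyword = parts[0].lower()
        if keyword == "match":  # global settings end at the first Match block
            break
        if keyword == "usedns" and len(parts) > 1:
            return parts[1].strip('"').lower()
    return default  # assumption supplied by the caller; it varies by release

def timed_reverse_lookup(ip, resolver=socket.gethostbyaddr, clock=time.monotonic):
    """Return (hostname or None, seconds spent) for one reverse lookup."""
    start = clock()
    try:
        name = resolver(ip)[0]
    except OSError:  # socket.herror and socket.gaierror are OSError subclasses
        name = None
    return name, clock() - start

def diagnose(config_text, client_ip, default="yes", slow_after=5.0, **lookup_kw):
    """Verdict labels are this example's own, not sshd output."""
    usedns = effective_usedns(config_text, default)
    name, seconds = timed_reverse_lookup(client_ip, **lookup_kw)
    if seconds < slow_after:
        verdict = "lookup-fast"
    elif usedns == "no":
        verdict = "lookup-slow-but-usedns-off"
    else:
        verdict = "lookup-slow-and-usedns-on"  # consistent with the login hang
    return {"usedns": usedns, "name": name, "seconds": seconds, "verdict": verdict}

if __name__ == "__main__":
    print(diagnose(SAMPLE_CONFIG, "127.0.0.1"))
```

Run it on the SSH server with the client's address in place of 127.0.0.1, so the lookup goes through the same resolver configuration sshd uses.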

