sshd behaviour

Jacob S stormspotter at 6Texans.net
Wed Mar 16 06:30:35 PST 2005


On Wed, 16 Mar 2005 10:41:09 +0300
"Eugene M. Minkovskii" <emin at mccme.ru> wrote:

> Hi. I see behaviour of sshd that is strange to me. Please tell me, is it
> a bug or a feature?
> 
> I use the following network configuration:
> 
> #######    ###########    ##########
> # LAN # -> # gateway # -> # router #
> #######    ###########    ##########
> 
> The gateway machine has sshd. Normally I work from the LAN on the gateway
> fine. But when the connection with the provider's router is broken:
> 
> #######    ###########      ##########
> # LAN # -> # gateway # -X-> # router #
> #######    ###########      ##########
> 
> I can't log in from the LAN to the gateway. Moreover, I can't log in from
> the gateway to itself, using the loop interface. But other network
> services are working well. For example, I can do
> # telnet gateway 25
> from LAN.

I've seen this same behavior on a 5.3 server when BIND crashes/gets
messed up by cPanel. I suspect the problem is ssh trying to do a reverse
DNS lookup, which doesn't time out until the login has timed out as well.
In my case I can see a fast response from the server if I telnet to it
on port 22, but I never get the password prompt. The logfiles also show
login timeouts when I'm finally able to log in again.

You might try setting "UseDNS no" in /etc/ssh/sshd_config. I believe
this will still make it record the IP used for login, but it won't try
and do a reverse DNS lookup on the IP.

HTH,
Jacob
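
To check what a given sshd_config says about UseDNS before and after the change suggested above, here is an added example that is not part of the original message. The function name `effective_usedns` and the sample config are constructed for illustration, and the function reads only the global section (everything before the first Match line).

```shell
#!/bin/sh
# Added example (not from the original post): report the UseDNS value that
# a config file sets in its global section.

# effective_usedns FILE   (hypothetical helper name)
# Prints "yes", "no", or "unset". sshd uses the first value it obtains for a
# keyword, keywords are case-insensitive, and "keyword=value" is accepted.
effective_usedns() {
    awk '
        { sub(/^[ \t]+/, "") }                  # strip leading whitespace
        /^#/ || /^$/ { next }                   # skip comments and blank lines
        {
            line = $0
            sub(/[ \t]*=[ \t]*/, " ", line)     # normalise "key=value" form
            n = split(line, f, /[ \t]+/)
            key = tolower(f[1])
            if (key == "match") exit            # global section ends here
            if (key == "usedns" && n >= 2 && f[2] != "") {
                val = tolower(f[2]); gsub(/"/, "", val)
                print val; found = 1; exit      # first occurrence wins
            }
        }
        END { if (!found) print "unset" }
    ' "$1"
}

# Constructed sample config, for demonstration only.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#UseDNS yes
Port 22
usedns=no
UseDNS yes
EOF
echo "UseDNS in sample config: $(effective_usedns "$sample")"
rm -f "$sample"
```

Run it as `effective_usedns /etc/ssh/sshd_config` on the gateway; "unset" means the compiled-in default applies, which depends on the OpenSSH version.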


More information about the freebsd-questions mailing list