Re: reverse mapping -- POSSIBLE BREAK-IN ATTEMPT

---

• From: Ignoramus30744 <ignoramus30744@xxxxxxxxxxxxxxxxxxxx>
• Date: Tue, 13 Feb 2007 15:17:30 -0600

---

On Tue, 13 Feb 2007 21:11:16 +0100 (CET), Unruh <unruh-spam@xxxxxxxxxxxxxx> wrote:

Ignoramus21592 <ignoramus21592@xxxxxxxxxxxxxxxxxxxx> writes:

I am doing ssh from one host A, which I control, to another host B,
which I also control. Nothing has been compromised.

When I do ssh from A to B, I get this error message:

reverse mapping checking getaddrinfo for Z failed - POSSIBLE BREAK-IN ATTEMPT!

(A, B and Z are used instead of actual host names to protect privacy).

This means that the remote host has IP address I, and reports its name to
be B, but if one tries to resolve the name B one does not get address I.

Yes.

This seems to be a simple issue of host B having a wrong reverse IP
resolution (provided by my ISP authority record) that maps the IP of B
to Z instead of B. And SSH does this paranoid check of reverse of B
and complains since it finds that B is not B but Z.

Yes. So why is this true?

I am only interested in how to turn it off.

I have no desire to waste time talking to my ISP begging them to set
up reverse resolution etc.

I just want SSH to stop complaining about this error.

so, you do not mind increasing the probability that you connnect to a
rogue site.

Yes.That's correct, in this instance.

I did google a lot about this message, and it seems that almost
everyone making comments on this has NO CLUE. (as they talk about
hackers, brute force attacks etc).

How about VerifyReverseMapping?

It is not defined either in man ssh, nor in man sshd_config.

Or UseDNS?

Already tried, does not help, and why should it since this is a client
problem.

i

man sshd_config

So, I would like to hear from someone WITH A CLUE as to what SSH
option to set as to get rid of this warning.

Thank you.

.

---

• References:
  • reverse mapping -- POSSIBLE BREAK-IN ATTEMPT
    • From: Ignoramus21592
  • Re: reverse mapping -- POSSIBLE BREAK-IN ATTEMPT
    • From: Unruh

• Prev by Date: Re: reverse mapping -- POSSIBLE BREAK-IN ATTEMPT
• Next by Date: Re: reverse mapping -- POSSIBLE BREAK-IN ATTEMPT
• Previous by thread: Re: reverse mapping -- POSSIBLE BREAK-IN ATTEMPT
• Next by thread: "X11 connection uses different authentication protocol"
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: reverse mapping -- POSSIBLE BREAK-IN ATTEMPT ... which I also control. ... This means that the remote host has IP address I, and reports its name to ... up reverse resolution etc. ... (comp.security.ssh) Re: SSH through wireless router ... When you say that I should try ssh ... Connection closed by remote host ... When I went to sshd to port 2222: ... debug1: read PEM private key done: type RSA ... (Debian-User) Re: How do I port forward through 2 remote hosts? ... You gave a port number. ... desktop to a remote host for many years. ... I have read through the SSH FAQ which did nothing to help me ... loss to understand what remote forwardings (as opposed to local ... (comp.security.ssh) Hung background processes. ... I am trying to use a script that gets hung when it uses ssh. ... #The Initialize function is where the ssh commands hang ... # Tar and compress the nights reports ... (comp.unix.shell) Re: Passwordless ssh - SOLVED - ... I can now login without passwords but I have to kinit on each box before it will work. ... I built my kdc and configured my ssh daemon to use kerberos on both computers. ... I copied the krb5.keytab file to my remote host and setup the krb5.conf file on the remote host. ... After this is done I can ssh from my KDC to my remote host and I am not asked to enter my password. ... (comp.protocols.kerberos)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.security.ssh  > 2007-02