Re: reverse mapping -- POSSIBLE BREAK-IN ATTEMPT



On 14 Feb 2007 01:35:57 -0500, Richard E. Silverman <res@xxxxxxxx> wrote:
"I" == Ignoramus21592 <ignoramus21592@xxxxxxxxxxxxxxxxxxxx> writes:

I> On 12 Feb 2007 19:36:40 -0500, Richard E. Silverman <res@xxxxxxxx>
I> wrote:
>> In sshd_config, "UseDNS no".

I> Did not work. Set it on both client and server machine.

I> This is a client issue, not a server issue.

Oops, sorry; spoke too quickly. Please give the output of "ssh -V".

Here goes:

OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006


Making a guess: if you using an OpenSSH build with GSS/Kerberos support,
such as the Debian ssh-krb5 package or OpenSSH with this patch:

http://www.sxw.org.uk/computing/patches/openssh.html

... then this behavior is wired in and can't be turned off (even if you're
not actually using Kerberos). It calls get_canonical_hostname() with the
use_dns parameter set. There ought to be a client-side UseDNS option for
it to respect.

I agree that there needs to be such an option.

If you're not, then I'm not sure what's going on, because I can't
replicate this behavior with a stock 4.5p1 build; as far as I can tell,
that code is simply not called on the client side.


Here are my package names in FC6:

~ ==>rpm -qa |grep ssh
openssh-server-4.3p2-14.fc6
openssh-askpass-4.3p2-14.fc6
openssh-clients-4.3p2-14.fc6
openssh-4.3p2-14.fc6

thanks

i
.