From: Jacob S
To: freebsd-questions@freebsd.org
Date: Wed, 16 Mar 2005 08:30:28 -0600
Subject: Re: sshd behaviour
Message-ID: <20050316083028.6929137b@jacob.6texans.net>
In-Reply-To: <20050316074108.GA18643@mccme.ru>

On Wed, 16 Mar 2005 10:41:09 +0300
"Eugene M. Minkovskii" wrote:

> Hi. I see strange to me behaviour of sshd. Please tell me is it
> bug or feature?
>
> I use following network configuration:
>
> #######    ###########    ##########
> # LAN # -> # gateway # -> # router #
> #######    ###########    ##########
>
> Gateway machine has sshd. Normally I work from LAN on the gateway
> good. But when connection with provider's router broken:
>
> #######    ###########      ##########
> # LAN # -> # gateway # -X-> # router #
> #######    ###########      ##########
>
> I can't login from LAN to gateway. Moreover, I can't login from
> gateway to itself, using loop interface. But other Network
> services working good. For example, I can do
>     # telnet gateway 25
> from LAN.

I've seen this same behavior on a 5.3 server when BIND crashes/gets
messed up by cPanel. I suspect the problem is ssh trying to do a
reverse DNS lookup, which doesn't time out until the login has timed out
as well. In my case I can see a fast response from the server if I
telnet to it on port 22, but I never get the password prompt. The
logfiles also show login timeouts when I'm finally able to log in again.

You might try setting "UseDNS no" in /etc/ssh/sshd_config. I believe
this will still make it record the IP used for login, but it won't try
to do a reverse DNS lookup on the IP.

HTH,
Jacob
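
The check below is an added example, not part of the original message: it reports which UseDNS value sshd would take from a given config file, applying sshd_config's rule that the first value obtained for a keyword is the one used, and treating anything after the first Match line as outside the global section. The function name `effective_usedns` and the sample config are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original thread).
# Print the global UseDNS setting from an sshd_config-style file:
# "yes", "no", or "unset" when the file does not set it (the build's
# default then applies, which differs between OpenSSH versions).
effective_usedns() {
    awk '
        { sub(/^[ \t]+/, "") }          # drop leading whitespace
        /^#/ || /^$/ { next }           # skip comments and blank lines
        {
            # keyword and value are separated by whitespace or "="
            n = split($0, f, /[ \t=]+/)
            key = tolower(f[1])         # keywords are case-insensitive
            if (key == "match") exit    # global section ends here
            if (key == "usedns" && n >= 2) {
                val = tolower(f[2])
                gsub(/"/, "", val)      # value may be double-quoted
                print val
                found = 1
                exit                    # first value wins
            }
        }
        END { if (!found) print "unset" }
    ' "$1"
}

# Constructed sample config: the commented line is ignored and the
# second, conflicting UseDNS line is never reached.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 22
#UseDNS yes
UseDNS no
UseDNS yes
EOF
echo "UseDNS in sample: $(effective_usedns "$sample")"
rm -f "$sample"
```

On a live host, pass the real file, for example `effective_usedns /etc/ssh/sshd_config`, and restart or reload sshd after changing the setting so it takes effect.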