Date: Tue, 5 Sep 2006 17:48:08 -0700 (PDT)
From: backyard <backyard1454-bsd@yahoo.com>
To: Noah <admin2@enabled.com>, backyard1454-bsd@yahoo.com
Cc: freebsd-questions@freebsd.org
Subject: Re: sshd login stalling
Message-ID: <20060906004808.92941.qmail@web83112.mail.mud.yahoo.com>
In-Reply-To: <44FDC44A.8030904@enabled.com>

--- Noah <admin2@enabled.com> wrote:

> backyard wrote:
> > --- Noah <admin2@enabled.com> wrote:
> >
> >> Okay I can't seem to figure out why sshd logins are stalling. I see that
> >> I am coming from an IP address that does not have Reverse mapping.
> >>
> >> So I added the lines below to /usr/local/etc/ssh/sshd_config
> >> and /etc/ssh is sym linked to /usr/local/etc/ssh
> >>
> >> --- snip ---
> >> lrwxr-xr-x 1 root wheel 18 Sep 4 23:01 ssh -> /usr/local/etc/ssh
> >>
> >> UseDNS no
> >> VerifyReverseMapping no
> >>
> >> ---- snip ---
> >>
> >> cheers,
> >>
> >> Noah
> >
> > just a thought but if /etc/ssh is linked to
> > /usr/local/etc/ssh wouldn't that just cause troubles
> > from the get-go? My understanding is /usr/local/etc is
> > for local specific configurations so that a site
> > specific configuration in /etc can be loaded and
> > appended by the stuff in /usr/local/etc. Wouldn't
> > symlinking one to the other force the same config
> > files to be loaded twice??? And if so wouldn't that
> > possibly confuse the daemon? Maybe I'm not entirely
> > clear on how all that works myself. but my
> > understanding is /etc is read first and then appended
> > by /usr/local/etc. Although I can see how this would
> > allow NFS to be used on diskless clients using generic
> > /etc while allowing system specific configurations to
> > be stored elsewhere and linked in as needed. I am just
> > under the impression that /usr/local/etc is not for
> > this purpose. of course I'm not the brightest tool in
> > the shed...
>
> Well currently if I am coming from an IP address that has reverse mapping
> then things work fine there is no stalling whatsoever. When I removed
> the sym link between /etc/ssh and /usr/local/etc/ssh things work fine
> now. there is still stalling experienced when coming from a machine
> with a non-reverse mapped IP.
>
> other clues?
>
> cheers,
>
> Noah

do you have a firewall setup or any other packet
filtering going on on the box? Is this problem only
with sshd or do all daemons have trouble with a host
that doesn't do reverse-lookups? Perhaps the IP stack
is just blocking the packets coming in from non-fully
qualified hosts.

-brian