From owner-freebsd-questions@FreeBSD.ORG Wed Sep 6 00:48:09 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8064B16A4DE for ; Wed, 6 Sep 2006 00:48:09 +0000 (UTC) (envelope-from backyard1454-bsd@yahoo.com) Received: from web83112.mail.mud.yahoo.com (web83112.mail.mud.yahoo.com [216.252.101.41]) by mx1.FreeBSD.org (Postfix) with SMTP id 187B443D49 for ; Wed, 6 Sep 2006 00:48:09 +0000 (GMT) (envelope-from backyard1454-bsd@yahoo.com) Received: (qmail 92943 invoked by uid 60001); 6 Sep 2006 00:48:08 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=nWgBcGiW7A2J/G6FOg80JEYyj0rm6n6zaBh9+Y1mZpEnbbWS8/vqoeSlwnLXdG9Tn9mSOM+lWDjBFqAmXzRFxCpMoGcBN0JXAFWzd6AisXPxvQQFNgnVAx0f4usUlxZ415hq+VPvRrWNBzQsk43DOKNAsSgMQAQTeMxwEN0CqAY= ; Message-ID: <20060906004808.92941.qmail@web83112.mail.mud.yahoo.com> Received: from [75.35.98.148] by web83112.mail.mud.yahoo.com via HTTP; Tue, 05 Sep 2006 17:48:08 PDT Date: Tue, 5 Sep 2006 17:48:08 -0700 (PDT) From: backyard To: Noah , backyard1454-bsd@yahoo.com In-Reply-To: <44FDC44A.8030904@enabled.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Cc: freebsd-questions@freebsd.org Subject: Re: sshd login stalling X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: backyard1454-bsd@yahoo.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Sep 2006 00:48:09 -0000 --- Noah wrote: > backyard wrote: > > --- Noah wrote: > > > > > >> Okay I cant seem to figure out why sshd logins > are > >> stalling. I see that > >> I am coming from an IP address that does not have > >> Reverse mapping. > >> > >> So I added the lines below to > >> /usr/local/etc/ssh/sshd_config > >> and /etc/ssh is sym linked to /usr/local/etc/ssh > >> > >> --- snip --- > >> lrwxr-xr-x 1 root wheel 18 Sep 4 23:01 > ssh > >> -> /usr/local/etc/ssh > >> > >> UseDNS no > >> VerifyReverseMapping no > >> > >> ---- snip --- > >> > >> > >> cheers, > >> > >> Noah > >> > > > > > > just a thought but if /etc/ssh is linked to > > /usr/local/etc/ssh wouldn't that just cause > troubles > > from the ghetco? My understanding is > /usr/local/etc is > > for local specific configurations so that a site > > specific configuration in /etc can be loaded and > > appended by the stuff in /usr/local/etc. Wouldn't > > symlinking one to the other force the same config > > files to be loaded twice??? And if so wouldn't > that > > possibly confuse the daemon? Maybe I'm not > entirely > > clear on how all that works myself. but my > > understanding is /etc is read first and then > appended > > by /usr/local/etc. Although I can see how this > would > > allow NFS to be used on diskless clients using > generic > > /etc while allowing system specific configurations > to > > be stored elsewhere and linked in as needed. I am > just > > under the impression that /usr/local/etc is not > for > > this purpose. of course I'm not the brightest tool > in > > the shed... > > > > > > Well currently if I am coming from an IP address the > has reverse mapping > then things work fine there is no stalling > whatsoever. When I removed > the sym link between /etc/ssh and /usr/local/etc/ssh > things work fine > now. these is still stalling experienced when > coming from an machine > with a non-reverse mapped IP. > > other clues? > > cheers, > > Noah > > do you have a firewall setup or any other packet filtering going on on the box? Is this problem only with sshd or do all daemons have trouble with a host that doesn't do reverse-lookups? Perhaps the IP stack is just blocking the packets coming in from non-fully qualified hosts. -brian