From owner-freebsd-questions@FreeBSD.ORG Thu Aug 25 16:47:42 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A558216A420 for ; Thu, 25 Aug 2005 16:47:42 +0000 (GMT) (envelope-from sjmorgan@gmail.com) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.201]) by mx1.FreeBSD.org (Postfix) with ESMTP id CAB0843D46 for ; Thu, 25 Aug 2005 16:47:41 +0000 (GMT) (envelope-from sjmorgan@gmail.com) Received: by wproxy.gmail.com with SMTP id i1so176751wra for ; Thu, 25 Aug 2005 09:47:40 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=QrBKv//nLS5u0b2pPFnMkSLPBVHtjZf9ofRqfI30fXsz9oEhFQlX3w7L1yTO7bCC+L5z0/0PzxC2DovrxCgvEzJ+kpfLuqVw412tzvXGD9vmg2tWSg6gvcedGOLuAdXTru/kzkbmSQ0dlNzF8EtO0s4iDCSWMVm44To1Lay5t4A= Received: by 10.54.89.14 with SMTP id m14mr2150913wrb; Thu, 25 Aug 2005 09:47:40 -0700 (PDT) Received: by 10.54.62.2 with HTTP; Thu, 25 Aug 2005 09:47:40 -0700 (PDT) Message-ID: Date: Thu, 25 Aug 2005 17:47:40 +0100 From: Simon Morgan To: Ben Pratt In-Reply-To: <430DC324.6030708@thegeekzone.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <430DC324.6030708@thegeekzone.com> Cc: freebsd-questions@freebsd.org Subject: Re: cannot ssh to machine on lan when it has no internet connection X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Aug 2005 16:47:43 -0000 On 8/25/05, Ben Pratt wrote: > I'm not sure if this will work or not but try setting up /etc/hosts to > reflect your LAN. I had a friend who had issues when, even though he was > connected to the Internet, he had DNS messed up on his FreeBSD system. > I'm thinking the SSH server is trying to do some DNS lookups and if you > set your hosts file to have the information about the client machine > that may be resolved. Thanks for the reply. That would probably fix it but ideally I'd like to fi= x the root of the problem. Not being able to resolve the IP of a client really shouldn't stop them from connecting using SSH and if there's a bug in there somewhere I'd like to get it fixed so that it doesn't bite anybody else. I'm thinking dnscache would probably have to timeout on all the root servers before sending a response to SSH saying it couldn't resolve the hostname which might be the cause of the problem, but that shouldn't affect SSH which should timeout waiting for a response from dnscache. The authentication timeout in auth.log appears to indicate that SSH is counting any delay in name resolution towards that of authentication which seems to me to be very broken behaviour considering that SSH isn't accepting any form of authentication, at least not keyboard-interactive. Basically I'm waiting for somebody to tell me that I've made some stupid mistake otherwise I'll file a bug. Simon