From owner-freebsd-security Sun Mar 16 16:35:58 2003 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 890A037B401 for ; Sun, 16 Mar 2003 16:35:56 -0800 (PST) Received: from mail.opensourcegroup.com (mail.opensourcegroup.com [66.207.128.61]) by mx1.FreeBSD.org (Postfix) with ESMTP id D6DDA43F85 for ; Sun, 16 Mar 2003 16:35:55 -0800 (PST) (envelope-from jason@sopko.net) Received: from sopko.net (hades.cirqular.com [66.207.137.3]) by mail.opensourcegroup.com (Postfix) with ESMTP id 6A55C5BA7D for ; Sun, 16 Mar 2003 19:35:49 -0500 (EST) Message-ID: <3E75185F.9070001@sopko.net> Date: Sun, 16 Mar 2003 19:35:43 -0500 From: Jason Sopko User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20030206 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-security@freebsd.org Subject: Re: openssh 3.5 connection timeout References: <15678.24.218.220.202.1047852089.squirrel@webmail.wvths.com> In-Reply-To: <15678.24.218.220.202.1047852089.squirrel@webmail.wvths.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org sysadmin@wvths.com wrote: >Hello list, > > I am having a problem with establishing the connection to the ssh server >runnning on 4.7 as well as 5.0. > > The tcpdump capture shows that the OpenSSH server tries to resolve the >the IP address of the client by doing the series of 4-8 PTR queries to >the UDP port 53 of 127.0.0.1. The timeout takes about 38-40 seconds. >After that I get the password prompt as usual. > >Has anyone anyone seen this behavior before or know of the solution? Any >input will be apreciated. > >Thanks. > > You probably have 127.0.0.1 in /etc/resolv.conf, and your ssh server is trying to lookup the PTR record for the client host as it connects. If it's timing out, that would tell me that you most likely don't have DNS running locally and have no other entries in /etc/resolv.conf for the server to look to. Change /etc/resolv.conf to have the IP address of a valid DNS host, and either remove 127.0.0.1 or install and configure BIND properly and you should be fine ///Jason To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message