Date: Sat, 16 Nov 2002 21:53:31 +0100
From: Stephan Eckner
To: freebsd-questions@freebsd.org
Subject: sshd and reverse lookups
Message-ID: <20021116205331.GB2815@knuth.codeblau.de>

Hi,

being new to FreeBSD, I'm having a problem with sshd on 4.7-RELEASE:
Although my DNS-Setup is configured correctly, I get a very long delay
when connecting to the FreeBSD machine.

Here are the details:

I'm using the OpenSSH-Version that came with 4.7-RELEASE:

    freebsd# ssh -V
    OpenSSH_3.4p1 FreeBSD-20020702, SSH protocols 1.5/2.0, OpenSSL 0x0090607f

The machine is called freebsd.local and has the IP-Address 192.168.1.99:

    freebsd# ifconfig fxp1
    fxp1: flags=8943 mtu 1500
            inet 192.168.1.99 netmask 0xffffff00 broadcast 192.168.1.255

I tried to tell sshd not to reverse-lookup IP-Addresses:

    freebsd# ps afux | grep sshd
    root 92 0.0 2.2 2336 1352 ?? Is 8:06PM 0:00.01 /usr/sbin/sshd -u0
    freebsd# grep Reverse /etc/ssh/sshd_config
    VerifyReverseMapping no

I told the resolver to use my DNS-Server on 192.168.1.1:

    freebsd# cat /etc/resolv.conf
    search local
    nameserver 192.168.1.1
    freebsd# cat /etc/host.conf
    # $FreeBSD: src/etc/host.conf,v 1.6 1999/08/27 23:23:41 peter Exp $
    # First try the /etc/hosts file
    hosts
    # Now try the nameserver next.
    bind
    # If you have YP/NIS configured, uncomment the next line
    # nis

... which is actually working:

    freebsd# nslookup 192.168.2.66
    Server:  mutter.local
    Address:  192.168.1.1

    Name:    laura.wlan
    Address:  192.168.2.66

Now, when I connect from laura.wlan, the ssh-connection hangs, because
sshd on freebsd.local tries to contact a nameserver ... on _freebsd.local_:

    freebsd# tcpdump -n -i lo0
    tcpdump: listening on lo0
    20:42:31.233449 192.168.1.99.1066 > 192.168.1.99.53: 13026+ PTR? 66.2.168.192.in-addr.arpa. (43)

    freebsd# lsof -n
    <--snip-->
    sshd 692 sshd 4u IPv4 0xc6263600 0t0 TCP 192.168.1.99:ssh->192.168.2.66:36540 (ESTABLISHED)
    sshd 692 sshd 5u 0xc0b79500 file struct, ty=0x5, op=0xc0264dac
    sshd 692 sshd 6u PIPE 0xc67e4ca0 16384 ->0xc67e4b60
    sshd 692 sshd 7u IPv4 0xc6201ec0 0t0 UDP 192.168.1.99:instl_boots->192.168.1.99:domain

Of course there is no response, because there is no nameserver on
freebsd.local.

Why is sshd doing these reverse-lookups and where does it get the idea
from to ask a nameserver on the local machine?

Stephan

PS: After upgrading my ports tree I installed first openssh-3.5 (same
problem) and then openssh-portable-3.5p1 (no problem).

-- 
Stephan Eckner http://www.eckner.org/