From owner-freebsd-hackers@FreeBSD.ORG Sat Apr 23 16:02:13 2005 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A08CC16A4CE; Sat, 23 Apr 2005 16:02:13 +0000 (GMT) Received: from grant.org (grant.org [206.190.173.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0B5F643D45; Sat, 23 Apr 2005 16:02:13 +0000 (GMT) (envelope-from Devon@Jovi.Net) Received: from grant.org (localhost [127.0.0.1]) by grant.org (8.12.11/8.12.11) with ESMTP id j3NG1aQB096999 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 23 Apr 2005 12:01:37 -0400 (EDT) (envelope-from Devon@Jovi.Net) Received: (from devon@localhost) by grant.org (8.12.11/8.12.11/Submit) id j3NG1XQP096947; Sat, 23 Apr 2005 12:01:33 -0400 (EDT) (envelope-from Devon@Jovi.Net) Date: Sat, 23 Apr 2005 12:01:33 -0400 (EDT) Message-Id: <200504231601.j3NG1XQP096947@grant.org> X-Authentication-Warning: grant.org: devon set sender to Devon@Jovi.Net using -f From: Devon Sean McCullough To: Lucas Holt In-reply-to: <8fed6f5a0d21fb3a660b0e511cfd3e07@foolishgames.com> (message from Lucas Holt on Sat, 23 Apr 2005 00:11:19 -0400) References: <200504192127.j3JLR9Oq055796@grant.org><20050420083114.X46699@eleanor.us1.wmi.uvac.net> <200504201248.j3KCmYH3071130@grant.org> <011901c545a9$e5ac6fc0$b3db87d4@multiplay.co.uk> <200504201335.j3KDZMZ4086059@grant.org> <8fed6f5a0d21fb3a660b0e511cfd3e07@foolishgames.com> X-Spam-Status: No, score=-5.9 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.0.2 X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on grant.org X-Virus-Scanned: by amavisd-new X-Mailman-Approved-At: Sun, 24 Apr 2005 12:04:34 +0000 cc: security-advisories@freebsd.org cc: freebsd-hackers@freebsd.org cc: FreeBSD-2005@Jovi.Net cc: killing@BarrysWorld.com Subject: Re: sshd dieing? after applying FreeBSD-SA-03:12.openssh X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Apr 2005 16:02:13 -0000 Date: Sat, 23 Apr 2005 00:11:19 -0400 From: Lucas Holt As I recall there is an option in the openssh config file in recent versions to disable DNS lookups. Thank you for pointing that out! FreeBSD-5.3 supports workaround # sshd -o UseDNS=no but older servers do not. An older workaround # echo hosts: files >> /etc/nsswitch.conf disables DNS on the entire server. I know /etc/host.conf controlled host lookups, now vanished with no trace. I guess /etc/hosts lacks reverse lookups. Peace --Devon /~\ \ / Health Care X not warfare / \ Dubya won the digital vote Kerry won the popular vote PS: Oh no, I exposed my real mailbox to spammers harvesting the FreeBSD lists, ugh, time for a new domain and a smarter mailer. Subject: Re: sshd dieing? after applying FreeBSD-SA-03:12.openssh Date: Sat, 23 Apr 2005 00:11:19 -0400 From: Lucas Holt In-Reply-To: <200504201335.j3KDZMZ4086059@grant.org> As I recall there is an option in the openssh config file in recent versions to disable DNS lookups. On Apr 20, 2005, at 9:35 AM, FreeBSD-2005@Jovi.Net wrote: > In the future, please do as I did and publish whatever solution you > find, > my answer was somewhat lame but worked for me and will help the next > guy. > To the SSH server /etc/hosts I added the client machine, now when it > gets > to debug1: got SSH2_MSG_SERVICE_ACCEPT it hangs for only 75 seconds. > > Peace > --Devon > > From: "Steven Hartland" > Cc: , , > , > Date: Wed, 20 Apr 2005 14:07:21 +0100 > > Sorry I don't remember the solution we came up with. It was a long time > ago. I think it was to do with DNS invalid / broken DNS or something > like that but I couldn't say for sure. > > Regards > Steve > ----- Original Message ----- > From: >> >> This trouble hit me yesterday, 2005 Apr 19 Tue, Google led me to >> someone else with the exact same trouble. What use to ask the net >> if nobody publishes an ANSWER? A good netizen does the right thing. >> By citing the original question, I create a link to a possible answer. > > ================================================ > This e.mail is private and confidential between Multiplay (UK) Ltd. > and the person or entity to whom it is addressed. In the event of > misdirection, the recipient is prohibited from using, copying, > printing or otherwise disseminating it or any information contained in > it. > > In the event of misdirection, illegible or incomplete transmission > please telephone (023) 8024 3137 > or return the E.mail to postmaster@multiplay.co.uk. > > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to > "freebsd-hackers-unsubscribe@freebsd.org" > > Lucas Holt Luke@FoolishGames.com ________________________________________________________ FoolishGames.com (Jewel Fan Site) JustJournal.com (Free blogging) FoolishGames.net (Enemy Territory IoM site)