From owner-freebsd-hackers@FreeBSD.ORG  Fri Sep  5 10:11:29 2003
Date: Fri, 5 Sep 2003 19:11:27 +0200
From: "Simon L. Nielsen" <simon@FreeBSD.org>
To: Dwayne MacKinnon <Dwayne.MacKinnon@xwave.com>
Message-ID: <20030905171125.GA1356@FreeBSD.org>
References: <3F589E94.1080508@xwave.com>
	<20030905154646.GA59881@rot13.obsecurity.org> <3F58B3F4.3020502@xwave.com>
	<20030905161030.GC22913@pun.isi.edu> <3F58B9D6.7040102@xwave.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="FL5UXtIhxfXey3p5"
Content-Disposition: inline
In-Reply-To: <3F58B9D6.7040102@xwave.com>
User-Agent: Mutt/1.5.4i
cc: freebsd-hackers@freebsd.org
cc: Ted Faber <faber@ISI.EDU>
cc: Kris Kennaway <kris@obsecurity.org>
Subject: Re: PUzzling sshd behaviour
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>


--FL5UXtIhxfXey3p5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 2003.09.05 12:29:10 -0400, Dwayne MacKinnon wrote:
> Ted Faber wrote:
> >On Fri, Sep 05, 2003 at 12:04:04PM -0400, Dwayne MacKinnon wrote:
> >
> >>That much I know. I was just wondering why the daemon is trying DNS
> >>lookup when the IP in question is listed in /etc/hosts. I thought
> >>listings in /etc/hosts would supersede the need for a DNS lookup. Of
> >>course, I could be wrong... it wouldn't be the first time. :-)
> >
> >
> >If you haven't, you need to check out /etc/host.conf, the file that
> >configures the hostname lookup order (at least on 4.8).
> >man 5 host.conf will tell you all about it.  If you have already
> >configured this, you might want to look again.  (man -k resolver should
> >help you find whatever it is on 5.x - I suspect it's nsswitch.)
>
> My host.conf is a FreeBSD 4.8 default one: it lists hosts, then bind.
> That's why I don't understand why it's doing DNS... there's a listing in
> hosts, and according to host.conf the hosts listing should be found first.

Do you use Privilege Separation?  That can give interesting results with
DNS due to chroot into /var/empty...  see the mailing list archives.

-- 
Simon L. Nielsen
FreeBSD Documentation Team


--FL5UXtIhxfXey3p5--