Date: Sat, 6 Sep 2003 22:34:28 +0100
From: Bruce M Simpson
To: Kris Kennaway
Cc: freebsd-hackers@freebsd.org
Subject: Re: PUzzling sshd behaviour

On Fri, Sep 05, 2003 at 08:46:46AM -0700, Kris Kennaway wrote:
> > Anyone else see this type of thing before? I did some research on the
> > lists but all I ever saw was a problem with reading resolv.conf. That's
> > not the case here, because it's definitely picking up the nameserver
> > from that file.
>
> The fact that sshd requires reverse IP resolution is well-known
> behaviour. It's probably the most common FAQ about sshd ("Why is my
> login taking 60 seconds to present the password prompt?").

But what about:

     VerifyReverseMapping
             Specifies whether sshd should try to verify the remote host name
             and check that the resolved host name for the remote IP address
             maps back to the very same IP address.  The default is ``no''.

?

I usually configure my sshd with -u0 to prevent hostnames being truncated
in wtmp/lastlog, for better audit trail.

BMS
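
Added example, not part of the original message and not sshd's own code: a sketch of the check the quoted VerifyReverseMapping text describes (PTR lookup, then a forward lookup that must contain the same address). The function names, the status strings, the fallback to the numeric address, and the sample records are assumptions made for illustration.

```python
import ipaddress
import socket

# Constructed sample records (documentation address ranges), not real DNS data.
PTR = {
    "192.0.2.10": "good.example.org.",
    "192.0.2.20": "spoofed.example.org.",  # PTR is set by whoever runs the reverse zone
}                                           # 192.0.2.30 has no PTR record at all
FWD = {
    "good.example.org": ["192.0.2.10", "2001:db8::10"],
    "spoofed.example.org": ["198.51.100.7"],  # forward zone does not agree
}

def verify_reverse_mapping(ip, ptr_lookup, fwd_lookup):
    """Return (name_for_logs, status) for a peer address.

    The PTR name is used only if a forward lookup of that name yields the
    same address; otherwise this example falls back to the numeric address.
    """
    addr = ipaddress.ip_address(ip)
    name = ptr_lookup(str(addr))
    if not name:
        return str(addr), "no-ptr"
    name = name.rstrip(".").lower()  # normalise trailing dot and case
    forward = {ipaddress.ip_address(a) for a in (fwd_lookup(name) or [])}
    if addr in forward:
        return name, "verified"
    return str(addr), "mismatch"

def system_ptr(ip):
    """PTR lookup through the system resolver; None when nothing resolves."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_fwd(name):
    """Forward (A/AAAA) lookup through the system resolver."""
    try:
        return [ai[4][0] for ai in socket.getaddrinfo(name, None)]
    except OSError:
        return []

if __name__ == "__main__":
    for peer in ("192.0.2.10", "192.0.2.20", "192.0.2.30"):
        print(peer, verify_reverse_mapping(peer, PTR.get, FWD.get))
```

Passing `system_ptr` and `system_fwd` instead of the table lookups runs the same check against the live resolver, where each lookup can block for the resolver's timeout.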