Date: Fri, 03 Jan 2003 14:54:57 -0200 From: "Daniel C. Sobral" <dcs@tcoip.com.br> To: ryan beasley <ryanb@goddamnbastard.org>, current@freebsd.org Subject: Re: sshd login Message-ID: <3E15C061.8010609@tcoip.com.br> In-Reply-To: <3E15917A.9090609@tcoip.com.br> References: <3E15917A.9090609@tcoip.com.br> <3E1596E1.7070504@tcoip.com.br> <20030103150108.GA62535@goddamnbastard.org>
index | next in thread | previous in thread | raw e-mail
ryan beasley wrote: > On Fri, Jan 03, 2003 at 11:57:53AM -0200, Daniel C. Sobral wrote: > > >Daniel C. Sobral wrote: > > > > > >>Starting around the end of the year, sshd is taking a LONG time to > >>proceed, just a bit after the few first packets. > > > >Ok, I found the query packets, on the loopback: > >17.199.31.172.in-addr.arpa. (44) > > *snip* > > >Only there is no reason in hell for it to query 127.0.0.1. My > >configuration files: > > *snip* > > >Anyone has suggestions? > > > Are you using privilege separation? Have you always used privilege > separation? If the answer to the first is "yes" and the second "no", > then I'm betting that it's the forked pre-auth process that's chroot'd > to /var/empty (or whatever you set the chroot dir to). You'd need to > stick a hosts/resolv.conf in the chroot environment. (e.g., > /var/empty/etc/resolv.conf) Alas, that *did* work. My first attempt (replying to another message) was done with wrong permissions. Question... it did not have this trouble before Dec 13, but Dec 30 it had (no worlds in between). The sshd_config I use is the standard one. So... why? -- Daniel C. Sobral Gerência de Operações Divisão de Comunicação de Dados Coordenação de Segurança TCO Fones: 55-61-313-7654/Cel: 55-61-9618-0904 E-mail: Daniel.Capo@tco.net.br Daniel.Sobral@tcoip.com.br dcs@tcoip.com.br To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the messagehelp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E15C061.8010609>