Date: Mon, 17 Mar 2003 07:10:27 +0100 From: lupe@lupe-christoph.de (Lupe Christoph) To: sysadmin@wvths.com Cc: freebsd-security@FreeBSD.ORG Subject: Re: openssh 3.5 connection timeout Message-ID: <20030317061027.GA27778@lupe-christoph.de> In-Reply-To: <16705.24.218.220.202.1047871579.squirrel@webmail.wvths.com> References: <15678.24.218.220.202.1047852089.squirrel@webmail.wvths.com> <xzphea295wk.fsf@flood.ping.uio.no> <16705.24.218.220.202.1047871579.squirrel@webmail.wvths.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sunday, 2003-03-16 at 22:26:19 -0500, sysadmin@wvths.com wrote: > /etc/resolv.conf lists the valid DNS servers, which don't include > 127.0.0.1 as I'm not running bind locally. The connection timeout > disapears after satrting named locally. If there is no /etc/resolv.conf, the resolver falls back to 127.0.0.1. I'd bet (if I did any betting ;-) you have UsePrivilegeSeparation yes in your /etc/ssh/sshd_config. When /etc/resolv.conf is opened, sshd is already chrooted. Either set UsePrivilegeSeparation to no (not recommended), put a /etc/resolve.conf in /var/empty (not too good), or set ReverseMappingCheck to no (better). You may also want to run a local caching named (best). > Following Dag-Erling Smørgrav's advise on starting sshd in debugging mode, > I don't get "debug1: res_init()". I'm currently using FreeBSD 4.7-p6 and > openssh 3.5 built today(03/16). I'll upgrade to 4-STABLE today and post if > anything changes .. This is not a bug in OpenSSH, and has been discussed here before. HTH, Lupe Christoph -- | lupe@lupe-christoph.de | http://www.lupe-christoph.de/ | | Big Misunderstandings #6398: The Titanic was not supposed to be | | unsinkable. The designer had a speech impediment. He said: "I have | | thith great unthinkable conthept ..." | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030317061027.GA27778>