Re: [CentOS] Question about Open SSH Public Keys
You could start the ssh server on that machine with -vvv to get a detailled, verbose logging. That does not always lead to entries making clear what happens, but to entries you can use for googling (or asking here). I would also have a look at DNS - compare forward and reverse lookups (are they the same for the from=... entry?), does that Centos4-Box reach the DNS RELIABLY etc. SSH lies much emphasis on a working DNS. Dirk --On 11. August 2008 15:50:38 +1200 Clint Dilks [EMAIL PROTECTED] wrote: Hi People I am setting up some systems with ssh public keys and as part of this I am using the from directive inside .ssh/authorized_keys. Currently I am using the IP address to control the source. eg from=10.0.0.1 but on one CentOS 4 System that is up to date this will only work if I replace the IP with the DNS name of the server. I have verified that DNS is resolving the DNS Name to the correct IP address on the server in question and all seems to be fine. Aside from this CentOS Box have only been able to test this out on some old FC6 Machines and they behave as I expected. Anyone got any ideas why this might be happening ? I have compared the sshd config between the FC6 Machines and the CentOS Box and can't spot anything that would explain the issue. Thanks for any ideas, and have a nice day :) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Dirk H. Schulz IT Systems Service Wiesenweg 12, 85567 Grafing Tel. 0 80 92/86 25 68 Fax. 0 80 92/86 25 72 -- Technik vom Feinsten - und das nötige Tuning ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Question about Open SSH Public Keys
Hi People I am setting up some systems with ssh public keys and as part of this I am using the from directive inside .ssh/authorized_keys. Currently I am using the IP address to control the source. eg from=10.0.0.1 but on one CentOS 4 System that is up to date this will only work if I replace the IP with the DNS name of the server. I have verified that DNS is resolving the DNS Name to the correct IP address on the server in question and all seems to be fine. Aside from this CentOS Box have only been able to test this out on some old FC6 Machines and they behave as I expected. Anyone got any ideas why this might be happening ? I have compared the sshd config between the FC6 Machines and the CentOS Box and can't spot anything that would explain the issue. Thanks for any ideas, and have a nice day :) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Question about Open SSH Public Keys
Clint Dilks wrote: Hi People I am setting up some systems with ssh public keys and as part of this I am using the from directive inside .ssh/authorized_keys. Currently I am using the IP address to control the source. eg from=10.0.0.1 but on one CentOS 4 System that is up to date this will only work if I replace the IP with the DNS name of the server. I have verified that DNS is resolving the DNS Name to the correct IP address on the server in question and all seems to be fine. Just grasping at straws, but does the reverse DNS zone resolve to the correct DNS name? For example, if the DNS entry bob.example.com translates to 10.0.0.1, does 10.0.0.1 resolve to bob.example.com? -- Jay Leafey - Memphis, TN [EMAIL PROTECTED] smime.p7s Description: S/MIME Cryptographic Signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Question about Open SSH Public Keys
Jay Leafey wrote: Clint Dilks wrote: Hi People I am setting up some systems with ssh public keys and as part of this I am using the from directive inside .ssh/authorized_keys. Currently I am using the IP address to control the source. eg from=10.0.0.1 but on one CentOS 4 System that is up to date this will only work if I replace the IP with the DNS name of the server. I have verified that DNS is resolving the DNS Name to the correct IP address on the server in question and all seems to be fine. Just grasping at straws, but does the reverse DNS zone resolve to the correct DNS name? For example, if the DNS entry bob.example.com translates to 10.0.0.1, does 10.0.0.1 resolve to bob.example.com? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Hi Jay :) That was what I was trying to say with I have verified that DNS is resolving the DNS Name to the correct IP address on the server in question and all seems to be fine. So yes I believe this is correct ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos