cannot ssh to machine on lan when it has no internet connection
When I try to SSH to a machine on my LAN when its Internet connection is down I get the following: OpenSSH_3.9p1 Debian-1ubuntu2, OpenSSL 0.9.7e 25 Oct 2004 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Next authentication method: keyboard-interactive Connection closed by 82.71.120.78 In the remote machines /var/log/auth.log I see: Aug 25 10:37:10 bollo sshd[465]: fatal: Timeout before authentication for 82.71.120.74 The resolv.conf on the remote machine has a single entry which points to the machine itself which is running dnscache. Any ideas? Could this be construed as being a bug? Please CC me on any replies. Thanks. Simon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: cannot ssh to machine on lan when it has no internet connection
On 8/25/05, Ben Pratt <[EMAIL PROTECTED]> wrote: > I'm not sure if this will work or not but try setting up /etc/hosts to > reflect your LAN. I had a friend who had issues when, even though he was > connected to the Internet, he had DNS messed up on his FreeBSD system. > I'm thinking the SSH server is trying to do some DNS lookups and if you > set your hosts file to have the information about the client machine > that may be resolved. Thanks for the reply. That would probably fix it but ideally I'd like to fix the root of the problem. Not being able to resolve the IP of a client really shouldn't stop them from connecting using SSH and if there's a bug in there somewhere I'd like to get it fixed so that it doesn't bite anybody else. I'm thinking dnscache would probably have to timeout on all the root servers before sending a response to SSH saying it couldn't resolve the hostname which might be the cause of the problem, but that shouldn't affect SSH which should timeout waiting for a response from dnscache. The authentication timeout in auth.log appears to indicate that SSH is counting any delay in name resolution towards that of authentication which seems to me to be very broken behaviour considering that SSH isn't accepting any form of authentication, at least not keyboard-interactive. Basically I'm waiting for somebody to tell me that I've made some stupid mistake otherwise I'll file a bug. Simon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: cannot ssh to machine on lan when it has no internet connection
On 8/25/05, Ben Pratt <[EMAIL PROTECTED]> wrote: > I'm not sure if this will work or not but try setting up /etc/hosts to > reflect your LAN. I had a friend who had issues when, even though he was > connected to the Internet, he had DNS messed up on his FreeBSD system. > I'm thinking the SSH server is trying to do some DNS lookups and if you > set your hosts file to have the information about the client machine > that may be resolved. Just to let you know I tried your suggestion and unfortunately it didn't work. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: cannot ssh to machine on lan when it has no internet connection
Simon Morgan wrote: On 8/25/05, Ben Pratt <[EMAIL PROTECTED]> wrote: I'm not sure if this will work or not but try setting up /etc/hosts to reflect your LAN. I had a friend who had issues when, even though he was connected to the Internet, he had DNS messed up on his FreeBSD system. I'm thinking the SSH server is trying to do some DNS lookups and if you set your hosts file to have the information about the client machine that may be resolved. Just to let you know I tried your suggestion and unfortunately it didn't work. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" You could set the UseDNS option in /etc/ssh/sshd_config to no. I found this helps when there is no available DNS servers. -- Jeremy Johnston (President / Developer) SmartServ Hosting Email: [EMAIL PROTECTED] Phone: 1-250-402-6634 Ext. 201 Cell: 1-250-402-9583 | [EMAIL PROTECTED] (150 Characters max) Fax: 1-250-402-6634 Toll Free: 1-866-702-2904 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: cannot ssh to machine on lan when it has no internet connection
On Thu, 25 Aug 2005 17:47:40 +0100 Simon Morgan <[EMAIL PROTECTED]> wrote: > Thanks for the reply. That would probably fix it but ideally I'd like > to fix the root of the problem. Not being able to resolve the IP of a > client really shouldn't stop them from connecting using SSH and if > there's a bug in there somewhere I'd like to get it fixed so that it > doesn't bite anybody else. You could also search your /etc/hosts.allow for the following line: ALL : PARANOID : RFC931 20 : deny Comment it out and see if it fixes your problem. -- Adi Pircalabu (PGP Key ID 0x04329F5E) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: cannot ssh to machine on lan when it has no internet connection
On 8/26/05, Adi Pircalabu <[EMAIL PROTECTED]> wrote: > You could also search your /etc/hosts.allow for the following line: > ALL : PARANOID : RFC931 20 : deny No luck. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"