[Gllug] sshd getting a bit hysterical
Joel Bernstein
joel at fysh.org
Thu Apr 14 16:47:54 UTC 2005
On Thu, Apr 14, 2005 at 05:33:44PM +0100, Rev Simon Rumble wrote:
> I get this in my logs whenever I connect to my server from my home
> machine:
>
> Apr 14 17:30:32 localhost sshd[27038]: reverse mapping checking getaddrinfo for 81-1-84-192.homechoice.co.uk failed - POSSIBLE BREAKIN ATTEMPT!
>
> Seems a bit over the top, no? I mean "POSSIBLE BREAKIN ATTEMPT!" is a
> bit extreme for an address that just doesn't have a reverse lookup
> record, right?
I believe that sshd in fact looks up the address that's trying to
connect, then checks that the name for that address resolves back to the
address again. Something like that anyway.
> Any way to turn this off?
add "UseDNS no" to your sshd_config [commonly /etc/ssh/sshd_config] and
HUP sshd.
See the man page for sshd_config(5):
UseDNS Specifies whether sshd should lookup the remote host name and
check that the resolved host name for the remote IP address maps
back to the very same IP address.
The default is ``yes''.
/joel
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list