I've got a little problem here involving ssh, gethostbyname, and /etc/hosts.deny, which by curious coincidence strongly resembles the subject line of this post.
The setup: I'm connecting via ssh to a server on our DMZ, proxied
through a masquerading firewall. Like this:
Internet
~~~~~~~~~~~~~~~~~~~~~~
/ \
/ \
Masq-FW ----------- Server
|
|
|
Workstation
Sometimes ssh works. Sometimes it doesn't:
[EMAIL PROTECTED]:karsten]$ ssh lists
ssh_exchange_identification: Connection closed by remote host
...maybe 1 of 4 attempts succeeds.
On the host, in /var/auth.log, I see:
Sep 12 01:10:32 lists sshd[1884]: warning: /etc/hosts.deny, line 15:
can't verify hostname: gethostbyname(140.208.171.207.in-addr.arpa)
failed
Sep 12 01:10:32 lists sshd[1884]: refused connect from 207.171.xxx.xxx
...and looking at /etc/hosts.deny, we find at line 15:
ALL: PARANOID
(the only non-comment line in the file).
There are no entries in /etc/hosts.allow.
Questions:
- Can I fix this by allowing SSH access in /etc/hosts.allow. I'm
assuming yes and will try this.
- Why the periodic failure. If my address cannot be resolved, why
should it appear to be resolving some of the time, but not always?
- Doesn this indicate a problem with the masquerading configuration
(I'm not responsible for this)? Any further diagnostics to test
this out?
Thanks.
--
Karsten M. Self <kmself@ix.netcom.com> http://www.netcom.com/~kmself
Evangelist, Opensales, Inc. http://www.opensales.org
What part of "Gestalt" don't you understand? Debian GNU/Linux rocks!
http://gestalt-system.sourceforge.net/ K5: http://www.kuro5hin.org
GPG fingerprint: F932 8B25 5FDD 2528 D595 DC61 3847 889F 55F2 B9B0
pgpqjzQ1Qc3gc.pgp
Description: PGP signature
