On 12-Sep-2000 kmself@ix.netcom.com wrote: [...] > Sometimes ssh works. Sometimes it doesn't: > > [EMAIL PROTECTED]:karsten]$ ssh lists > ssh_exchange_identification: Connection closed by remote host > > ...maybe 1 of 4 attempts succeeds. > > On the host, in /var/auth.log, I see: > > Sep 12 01:10:32 lists sshd[1884]: warning: /etc/hosts.deny, line 15: > can't verify hostname: gethostbyname(140.208.171.207.in-addr.arpa) > failed
looks like a dns problem (?) > Sep 12 01:10:32 lists sshd[1884]: refused connect from > 207.171.xxx.xxx > > ...and looking at /etc/hosts.deny, we find at line 15: > > ALL: PARANOID The PARANOID option forces a dns lookup on the client. So if tcpd cannot look up your hostname, it won't allow the connection. > > (the only non-comment line in the file). > > There are no entries in /etc/hosts.allow. > > > Questions: > > - Can I fix this by allowing SSH access in /etc/hosts.allow. I'm > assuming yes and will try this. Yes you can. If you use only ssh, you could use "ALL EXCEPT sshd: ALL" > - Why the periodic failure. If my address cannot be resolved, why > should it appear to be resolving some of the time, but not always? I experience this problem too sometimes. Maybe some dns guru knows the answer. > > - Doesn this indicate a problem with the masquerading configuration > (I'm not responsible for this)? Any further diagnostics to test > this out? Dunno. I've never used masquerading. > Thanks. > > -- > Karsten M. Self <kmself@ix.netcom.com> http://www.netcom.com/~kmself > Evangelist, Opensales, Inc. http://www.opensales.org > What part of "Gestalt" don't you understand? Debian GNU/Linux rocks! > http://gestalt-system.sourceforge.net/ K5: http://www.kuro5hin.org > GPG fingerprint: F932 8B25 5FDD 2528 D595 DC61 3847 889F 55F2 B9B0
