On Fri, Jan 02, 2004 at 12:29:44AM +0000, Pigeon wrote: > On Thu, Jan 01, 2004 at 10:02:36PM +0000, Colin Watson wrote: > > Perhaps the remote end is configured with 'ALL: PARANOID' in hosts.deny, > > Can't check without going there :-) but I'm fairly sure this is the case, > from memory. > > > and your reverse DNS is wrong? That's a common cause of ssh connections > > failing in the manner you describe, since tcp-wrappers checks happen at > > about that stage. > > Ah yes, reverse DNS is wrong - on the local end I get: > > [EMAIL PROTECTED]:~$ hostname > droitwichbox.dyndns.org > [EMAIL PROTECTED]:~$ host droitwichbox.dyndns.org > droitwichbox.dyndns.org has address 195.40.200.248 > [EMAIL PROTECTED]:~$ host 195.40.200.248 > 248.200.40.195.in-addr.arpa domain name pointer tnt-5-248.easynet.co.uk. > [EMAIL PROTECTED]:~$ > > ...so it looks like I need to temporarily reconfigure the local end's > hostname according to the above result, and try again the next time the > remote end comes online...
Tried it... # hostname tnt-9-92.easynet.co.uk (correct for this dialup session)... ...but it fails in exactly the same way. So either a) reconfiguring the local end's hostname is a flawed approach, or b) there is a config problem other than ALL: PARANOID / broken reverse DNS at the remote end. Is (a) true? -- Pigeon Be kind to pigeons Get my GPG key here: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x21C61F7F
pgp00000.pgp
Description: PGP signature
