I wonder if sshd is ignoring UseDNS when trying host-based authentication.
The default for UseDNS is listed as 'no' in the man page but even when I
set it explicitly to 'no', sshd still seems to perform a lookup on the
incoming client.[1] Host-based authentication then fails if the lookup
fails. This is from a recent snapshot.[2]
Is this the expected behavior for host-based authentication?
Regards,
/Lars
[1]
debug1: userauth-request for user foo service ssh-connection method none
[preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: userauth-request for user foo service ssh-connection method
hostbased [preauth]
debug1: attempt 1 failures 0 [preauth]
debug1: userauth_hostbased: cuser foo chost yeeloong.dhcp.inet.fi. pkalg
ecdsa-sha2-nistp256 slen 99 [preauth]
userauth_hostbased mismatch: client sends yeeloong.dhcp.inet.fi, but we
resolve 192.168.2.34 to 192.168.2.34
debug1: temporarily_use_uid: 1000/1000 (e=0/0)
debug1: restore_uid: 0/0
Failed hostbased for foo from 192.168.2.34 port 34861 ssh2: ECDSA
SHA256:CEXGTmrVgeY1qEiwFe2Yy3XqrWdjm98jKmX0LK5mlQg, client user "foo",
client host "yeeloong.dhcp.inet.fi"
debug1: userauth-request for user foo service ssh-connection method
hostbased [preauth]
debug1: attempt 2 failures 1 [preauth]
debug1: userauth_hostbased: cuser foo chost yeeloong.dhcp.inet.fi. pkalg
ssh-ed25519 slen 83 [preauth]
userauth_hostbased mismatch: client sends yeeloong.dhcp.inet.fi, but we
resolve 192.168.2.34 to 192.168.2.34
debug1: temporarily_use_uid: 1000/1000 (e=0/0)
[2]
OpenBSD 5.7-current (GENERIC.MP) #771: Sat Mar 14 03:03:49 MDT 2015
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz ("GenuineIntel" 686-class) 1.84 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,LONG,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,LAHF,PERF
real mem = 1040486400 (992MB)
avail mem = 1011085312 (964MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: date 07/29/05, SMBIOS rev. 2.4 @ 0xe0000 (37 entries)
bios0: vendor Apple Inc. version "MM21.88Z.009A.B00.0706281359" date 06/28/07
bios0: Apple Inc. Macmini2,1
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP HPET APIC MCFG ASF! SBST ECDT SSDT SSDT SSDT
acpi0: wakeup devices PXS1(S4) PXS2(S4) USB1(S3) USB2(S3) USB3(S3) USB4(S3)
USB7(S3)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 166MHz
cpu0: mwait min=64, max=64, C-substates=0.2.2.2.2, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz ("GenuineIntel" 686-class) 1.84 GHz
cpu1:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,LONG,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,LAHF,PERF
ioapic0 at mainbus0: apid 1 pa 0xfec00000, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 1
acpimcfg0 at acpi0 addr 0xe0000000, bus 0-255
acpiec0 at acpi0
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (RP01)
acpiprt2 at acpi0: bus 2 (RP02)
acpiprt3 at acpi0: bus 3 (PCIB)
acpicpu0 at acpi0: C2, C1, PSS
acpicpu1 at acpi0: C2, C1, PSS
acpibtn0 at acpi0: PWRB
acpivideo0 at acpi0: GFX0
bios0: ROM list: 0xc0000/0xe600!
cpu0: Enhanced SpeedStep 1834 MHz: speeds: 1833, 1667, 1500, 1333, 1000 MHz
memory map conflict 0xe00f8000/0x1000
memory map conflict 0xfed1c000/0x4000
memory map conflict 0xfffb0000/0x30000
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel 82945GM Host" rev 0x03
vga1 at pci0 dev 2 function 0 "Intel 82945GM Video" rev 0x03
intagp0 at vga1
agp0 at intagp0: aperture at 0x40000000, size 0x10000000
inteldrm0 at vga1
drm0 at inteldrm0
inteldrm0: 1680x1050
wsdisplay0 at vga1 mux 1: console (std, vt100 emulation)
wsdisplay0: screen 1-5 added (std, vt100 emulation)
vendor "Intel", unknown product 0x27a3 (class DASP subclass Time and Frequency,
rev 0x03) at pci0 dev 7 function 0 not configured
azalia0 at pci0 dev 27 function 0 "Intel 82801GB HD Audio" rev 0x02: msi
azalia0: codecs: Sigmatel STAC9220/1
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x02: apic 1 int 17
pci1 at ppb0 bus 1
mskc0 at pci1 dev 0 function 0 "Marvell Yukon 88E8053" rev 0x22, Yukon-2 EC
rev. A3 (0x2): apic 1 int 16
msk0 at mskc0 port A: address 00:16:cb:b0:06:34
eephy0 at msk0 phy 0: 88E1111 Gigabit PHY, rev. 2
ppb1 at pci0 dev 28 function 1 "Intel 82801GB PCIE" rev 0x02: apic 1 int 16
pci2 at ppb1 bus 2
ath0 at pci2 dev 0 function 0 "Atheros AR5424" rev 0x01: apic 1 int 17
ath0: AR5424 10.3 phy 6.1 rf 10.2 eeprom 5.3, WOR5_ETSIC, address
00:1f:5b:40:2f:61
uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x02: apic 1 int 21
uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev 0x02: apic 1 int 19
uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB" rev 0x02: apic 1 int 18
uhci3 at pci0 dev 29 function 3 "Intel 82801GB USB" rev 0x02: apic 1 int 16
ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev 0x02: apic 1 int 21
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb2 at pci0 dev 30 function 0 "Intel 82801BAM Hub-to-PCI" rev 0xe2
pci3 at ppb2 bus 3
"AT&T/Lucent FW322 1394" rev 0x61 at pci3 dev 3 function 0 not configured
ichpcib0 at pci0 dev 31 function 0 "Intel 82801GBM LPC" rev 0x02: PM disabled
pciide0 at pci0 dev 31 function 1 "Intel 82801GB IDE" rev 0x02: DMA, channel 0
configured to compatibility, channel 1 configured to compatibility
atapiscsi0 at pciide0 channel 0 drive 0
scsibus1 at atapiscsi0: 2 targets
cd0 at scsibus1 targ 0 lun 0: <MATSHITA, CD-RW CW-8124, DACK> ATAPI 5/cdrom
removable
cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 disabled (no drives)
pciide1 at pci0 dev 31 function 2 "Intel 82801GBM SATA" rev 0x02: DMA, channel
0 configured to native-PCI, channel 1 configured to native-PCI
pciide1: using apic 1 int 19 for native-PCI interrupt
wd0 at pciide1 channel 0 drive 1: <Hitachi HTS542580K9SA00>
wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors
wd0(pciide1:0:1): using PIO mode 4, Ultra-DMA mode 6
ichiic0 at pci0 dev 31 function 3 "Intel 82801GB SMBus" rev 0x02: apic 1 int 19
iic0 at ichiic0
spdmem0 at iic0 addr 0x50: 1GB DDR2 SDRAM non-parity PC2-5300CL5 SO-DIMM
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb4 at uhci3: USB revision 1.0
uhub4 at usb4 "Intel UHCI root hub" rev 1.00/1.00 addr 1
isa0 at ichpcib0
isadma0 at isa0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
uhidev0 at uhub1 port 1 configuration 1 interface 0 "Logitech HID compliant
keyboard" rev 1.10/1.80 addr 2
uhidev0: iclass 3/1
ukbd0 at uhidev0: 8 variable keys, 6 key codes
wskbd0 at ukbd0: console keyboard, using wsdisplay0
uhidev1 at uhub1 port 1 configuration 1 interface 1 "Logitech HID compliant
keyboard" rev 1.10/1.80 addr 2
uhidev1: iclass 3/0, 2 report ids
uhid0 at uhidev1 reportid 1: input=2, output=0, feature=0
uhid1 at uhidev1 reportid 2: input=1, output=0, feature=0
uhidev2 at uhub2 port 1 configuration 1 interface 0 "Logitech USB-PS/2 Optical
Mouse" rev 2.00/18.00 addr 2
uhidev2: iclass 3/1
ums0 at uhidev2: 6 buttons, Z dir
wsmouse0 at ums0 mux 0
uhidev3 at uhub4 port 1 configuration 1 interface 0 "Apple Computer HID-proxy"
rev 2.00/19.65 addr 2
uhidev3: iclass 3/1
ukbd1 at uhidev3: 8 variable keys, 6 key codes
wskbd1 at ukbd1 mux 1
wskbd1: connecting to wsdisplay0
uhidev4 at uhub4 port 1 configuration 1 interface 1 "Apple Computer HID-proxy"
rev 2.00/19.65 addr 2
uhidev4: iclass 3/1
ums1 at uhidev4: 5 buttons
wsmouse1 at ums1 mux 0
uhidev5 at uhub4 port 2 configuration 1 interface 0 "Apple Computer, Inc. IR
Receiver" rev 2.00/1.10 addr 3
uhidev5: iclass 3/0, 38 report ids
uhid2 at uhidev5 reportid 36: input=4, output=0, feature=0
uhid3 at uhidev5 reportid 37: input=4, output=0, feature=0
uhid4 at uhidev5 reportid 38: input=4, output=0, feature=0
vscsi0 at root
scsibus2 at vscsi0: 256 targets
softraid0 at root
scsibus3 at softraid0: 256 targets
root on wd0a (608b7d028f2e0ec8.a) swap on wd0b dump on wd0b
