Host name lookup failure using hostbased authentication
Thomas Köller
thomas at koeller.dyndns.org
Mon Oct 23 00:29:40 AEDT 2023
There is a nasty problem when using hostbased authentication:
[thomas at sarkovy ~]$ journalctl -l -f | grep -Fe 'sshd['
Okt 22 15:20:54 sarkovy sshd[35034]: userauth_hostbased mismatch: client
sends htpc.koeller.dyndns.org, but we resolve 192.168.0.2 to 192.168.0.2
Okt 22 15:20:54 sarkovy sshd[35034]: Connection closed by authenticating
user thomas 192.168.0.2 port 36284 [preauth]
^C
Note that hostname/address lookups work in either direction:
[thomas at sarkovy ~]$ host htpc.koeller.dyndns.org
htpc.koeller.dyndns.org has address 192.168.0.2
htpc.koeller.dyndns.org has IPv6 address fd46:1ffa:d8e0::2
[thomas at sarkovy ~]$ host 192.168.0.2
2.0.168.192.in-addr.arpa domain name pointer htpc.koeller.dyndns.org.
What's wrong here?
Thomas
More information about the openssh-unix-dev
mailing list