Networking Forums
Home Register Members Search Links
Member Login:

Networking Forums > Computer Networking > Linux Networking > scp warning

Reply
Thread Tools Display Modes

scp warning

 
 
Bob Tennent
Guest
Posts: n/a

 
      06-24-2011, 06:07 PM
scp has taken to producing messages of the form

Address ... maps to ..., but this does not map back to the address -
POSSIBLE BREAK-IN ATTEMPT!

How can I suppress such messages?
 
Reply With Quote
 
 
 
 
pk
Guest
Posts: n/a

 
      06-24-2011, 06:19 PM
On Fri, 24 Jun 2011 18:07:22 +0000 (UTC)
Bob Tennent <(E-Mail Removed)> wrote:

> scp has taken to producing messages of the form
>
> Address ... maps to ..., but this does not map back to the address -
> POSSIBLE BREAK-IN ATTEMPT!
>
> How can I suppress such messages?

By fixing the DNS.

Basically if you log in from 1.2.3.4, ssh does a reverse DNS lookup to find
the PTR record (ie, the domain name) associated to that address, and then
it does another forward lookup of the A address for that name, and check
that it corresponds to the IP address you are logging from (ie, 1.2.3.4 in
this example). If you fix the DNS to have those lookups match, the warning
will go away.

Alternatively, you could set

UseDNS no

in the sshd configuration file.
 
Reply With Quote
 
Bob Tennent
Guest
Posts: n/a

 
      06-24-2011, 07:17 PM
On Fri, 24 Jun 2011 20:19:34 +0200, pk wrote:
> On Fri, 24 Jun 2011 18:07:22 +0000 (UTC)
> Bob Tennent <(E-Mail Removed)> wrote:
>
>> scp has taken to producing messages of the form
>>
>> Address ... maps to ..., but this does not map back to the address -
>> POSSIBLE BREAK-IN ATTEMPT!
>>
>> How can I suppress such messages?
>
> By fixing the DNS.
>
> Basically if you log in from 1.2.3.4, ssh does a reverse DNS lookup to find
> the PTR record (ie, the domain name) associated to that address, and then
> it does another forward lookup of the A address for that name, and check
> that it corresponds to the IP address you are logging from (ie, 1.2.3.4 in
> this example). If you fix the DNS to have those lookups match, the warning
> will go away.
>

The complaints are about the IP address and domain of the remote site
which obtains a IP address by DHCP to which dyndns.org allows me to
associate a domain.

> Alternatively, you could set
>
> UseDNS no
>
> in the sshd configuration file.

Doesn't work (and, yes, I have re-started sshd).

Bob T.
 
Reply With Quote
 
Bob Tennent
Guest
Posts: n/a

 
      06-24-2011, 07:33 PM
On Fri, 24 Jun 2011 19:17:11 +0000 (UTC), Bob Tennent wrote:

> > Alternatively, you could set
> >
> > UseDNS no
> >
> > in the sshd configuration file.
>
> Doesn't work (and, yes, I have re-started sshd).

What does work in sshd_config is

GSSAPIAuthentication no
 
Reply With Quote
 
 
 
Reply

« Simulated NAT Traversal on Virtual Box | Two Virtual Interface - eth-0/eth1 | Bluetooth: How do I make the computer visible to the mobile phone? »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Is this a warning? no.top.post@gmail.com Linux Networking 0 11-05-2011 04:37 PM
Warning about LLU Uncle Nobby Broadband 13 03-10-2007 02:45 PM
NTL warning letters JF Broadband 4 09-01-2005 08:34 AM
Warning Message: "Warning! Insufficient bandwidth." =?Utf-8?B?YmF6emFfaw==?= Broadband Hardware 2 08-04-2005 01:36 PM
Warning to ISP's Troll Slayer - Troll-Alert.net Broadband 17 01-01-2005 01:35 PM


Forum Software Powered by vBulletin®, Copyright Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.2 ©2009, Crawlability, Inc.
Contact Us - Archive - Privacy Statement - Top

1 2 3 4 5 6 7 8 9 10 11