今天在使用scp的时候提示如下内容:
reverse mapping checking getaddrinfo for 113.196.56.184.ll.static.sparqnet.net failed - POSSIBLE BREAK-IN ATTEMPT!
上网查询得到如下内容 http://blog.csdn.net/dingxy/archive/2008/05/05/2394900.aspx,好像是跟ip反解析有关,不影响ssh的使用,于是不过多管它。
今天在使用SCP的时候遇到个一个error,如下:
reverse mapping checking getaddrinfo for XXX.XXXX.com failed - POSSIBLE BREAKIN ATTEMPT!^M
我用ssh 连接了一下XXX.XXXX.com,同样的问题
reverse mapping checking getaddrinfo for sXXX.XXXX.com failed - POSSIBLE BREAKIN ATTEMPT!
Last login: Mon May 5 16:50:08 2008 from 192.168.82.128
但是,还是能进入 XXX.XXXX.com。
找到以下解释:
Reverse Mapping Checking - Possible Break-in Attempt Error with SSH
Posted May 2nd, 2008 in Linux/Unix/BSD
When you connect to a host using SSH or SFTP it does a series of checks to ensure you are connecting to the host you are expecting to connect to. One of these is a reverse lookup on the IP address to check the hostname is the same as the hostname you are connecting to. If it's not, you'll get an error message like "reverse mapping checking getaddrinfo for … POSSIBLE BREAK-IN ATTEMPT!". The post looks at a solution to this message.
当使用SSH或SFTP连接某个host时,会有一系列的检查以保证你能够连接到你想连接的机器。其中一项是 “reverse lookup on the IP address”检查机器名称和你要连接的机器名称一致。否则,你会得到这样一个错误信息:"reverse mapping checking getaddrinfo for … POSSIBLE BREAK-IN ATTEMPT!".
Connecting from the command line, you might enter something like this:
ssh my.example.comand get some output like this:
Connecting to my.example.com…reverse mapping checking getaddrinfo for 192-168-1-243.foo.bar.net failed - POSSIBLE BREAK-IN ATTEMPT!
chris@my.example.com's password:What this is telling us is that although we are connecting to my.example.com the IP address of the server we are connecting to actually maps back to 192-168-1-243.foo.bar.net in this example. When this actually happened to me, it's because the reverse DNS had not been set up for the server (which would map e.g. 192.168.1.243 to my.example.com as well as vice versa)。
这是告诉我们,尽管我们在连接my.example.com ,但是实际上该server的IP 地址对应到192-168-1-243.foo.bar.net 。但这个发生的时候,就是因为server 上的reverse DNS 没有设置好。
举例说,应该是把192.168.1.243 映射到 my.example.com 。
Because I knew this reverse mapping was OK, I can add an entry to my hosts file and it will stop the error message from happening. For the above example, I would add the following to my hosts file:
192.168.1.243 my.example.com,Now when I log in using SSH from the command line I won't get that error message any more.
这里有一个解决方法,修改ssh配置文件,让这个消息不再显示。
from http://iceskysl.1sters.com/?p=478
Get POSSIBLE BREAK-IN ATTEMPT msg when i ssh to s server
when i ssh to a server,i get some message like this:
Address 192.168.5.12 maps to localhost, but this does not map back to the address – POSSIBLE BREAKIN ATTEMPT!
Solution:
Modify the "/etc/ssh/ssh_config" file at localhost
GSSAPIAuthentication no
exp:
ssh 192.168.1.110时报错上述错,本地是192.168.1.20 ,则修改本地192.168.1.20中的/etc/ssh/ssh_config,把参数GSSAPIAuthentication no修改就可以了……或者修改服务器端192.168.1.110上的/etc/ssh/sshd_config ,把参数GSSAPIAuthentication no改了也可以。要注意的是/etc/ssh/ssh_config和/etc/ssh/sshd_confg的区别。
延伸阅读:SH登陆响应慢的问题
同样的问题,有可能是两种情况:
第一种情况比较常见,也有很多资料提及到,就是在SSH登陆时服务器端会对客户端的IP进行反解析造成登陆响应慢的问题,通常改sshd_config的“UseDNS no”即可以。
第二种情况,服务器端启用了GSSAPI[1]。登陆的时候客户端需要对服务器端的IP地址进行反解析,如果服务器的IP地址没有配置PTR记录,那么就容易在这里卡住了。
对于这种情况,就有必要禁用GSSAPI认证以加速SSH登陆,具体有下面几种方式:
- 解法一:使用ssh命令时使用附加的参数:ssh -o GSSAPIAuthentication=no server_address
- 解法二:修改客户端ssh_config(/etc/ssh/ssh_config或~/.ssh/config):GSSAPIAuthentication no
- 解法三:修改服务器端的sshd_config(/etc/ssh/ssd_config):GSSAPIAuthentication no
214
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
