Chinaunix首页 | 论坛 | 博客
  • 博客访问: 856628
  • 博文数量: 150
  • 博客积分: 5123
  • 博客等级: 大校
  • 技术积分: 1478
  • 用 户 组: 普通用户
  • 注册时间: 2008-11-06 10:03
文章分类

全部博文(150)

文章存档

2011年(2)

2010年(139)

2009年(9)

分类: LINUX

2010-08-31 15:12:45

/var/log/messages中看到如下log:
Aug 31 13:45:21 loopback sshd[2293]: Accepted publickey for oracle from 192.168.51.2 port 47823 ssh2
Aug 31 13:46:01 loopback sshd[2458]: Accepted publickey for oracle from 192.168.51.2 port 47829 ssh2
Aug 31 13:46:01 loopback sshd[2485]: Accepted publickey for oracle from 192.168.51.2 port 47830 ssh2
Aug 31 13:47:01 loopback sshd[2740]: Accepted publickey for oracle from 192.168.51.2 port 47841 ssh2
Aug 31 13:47:01 loopback sshd[2770]: Accepted publickey for root from 192.168.30.200 port 31700 ssh2
Aug 31 13:47:02 loopback sshd[2772]: Accepted publickey for oracle from 192.168.51.2 port 47842 ssh2
Aug 31 13:47:10 loopback sshd[2840]: reverse mapping checking getaddrinfo for mydns.dns.com [192.168.13.164] failed - POSSIBLE BREAK-IN ATTEMPT!
Aug 31 13:47:10 loopback sshd[2840]: Accepted publickey for nagios from 192.168.13.164 port 44965 ssh2
Aug 31 13:47:10 loopback sshd[2866]: reverse mapping checking getaddrinfo for mydns.dns.com [192.168.13.164] failed - POSSIBLE BREAK-IN ATTEMPT!
Aug 31 13:47:10 loopback sshd[2866]: Accepted publickey for nagios from 192.168.13.164 port 44969 ssh2
Aug 31 13:47:10 loopback sshd[2892]: reverse mapping checking getaddrinfo for mydns.dns.com [192.168.13.164] failed - POSSIBLE BREAK-IN ATTEMPT!
Aug 31 13:47:10 loopback sshd[2892]: Accepted publickey for nagios from 192.168.13.164 port 44972 ssh2
Aug 31 13:47:10 loopback sshd[2918]: reverse mapping checking getaddrinfo for mydns.dns.com [192.168.13.164] failed - POSSIBLE BREAK-IN ATTEMPT!
Aug 31 13:47:10 loopback sshd[2918]: Accepted publickey for nagios from 192.168.13.164 port 44975 ssh2
Aug 31 13:47:11 loopback sshd[2947]: reverse mapping checking getaddrinfo for mydns.dns.com [192.168.13.164] failed - POSSIBLE BREAK-IN ATTEMPT!
Aug 31 13:47:11 loopback sshd[2947]: Accepted publickey for nagios from 192.168.13.164 port 44978 ssh2
Aug 31 13:48:02 loopback sshd[3129]: Accepted publickey for oracle from 192.168.51.2 port 25573 ssh2
Aug 31 13:48:02 loopback sshd[3159]: Accepted publickey for oracle from 192.168.51.2 port 25574 ssh2
Aug 31 13:49:02 loopback sshd[3370]: Accepted publickey for oracle from 192.168.51.2 port 25585 ssh2
Aug 31 13:49:02 loopback sshd[3400]: Accepted publickey for oracle from 192.168.51.2 port 25586 ssh2

“reverse mapping checking getaddrinfo for xxxx POSSIBLE BREAK-IN ATTEMPT!"的错误信息是ssh中配置了DNS,当进行反解时,DNS服务器中无此主机名时,出现的错误信息。
禁止ssh使用DNS方案是修改/etc/ssh/sshd_config文件,把UseDNS 设置为no:


# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
#UsePAM no

#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
UseDNS no

#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no



如果DNS服务器慢的话,如果没有禁止DNS,还会导致ssh登陆慢。
阅读(3347) | 评论(1) | 转发(0) |
给主人留下些什么吧!~~

chinaunix网友2010-09-03 15:45:41

Download More than 1000 free IT eBooks: http://free-ebooks.appspot.com