You are not logged in.
- Topics: Active | Unanswered
#1 2010-10-06 19:35:56
- clearloon
- Member
- Registered: 2009-01-07
- Posts: 79
ssh using DNS fails after a period of time
Hello -
ssh into my box using a domain name is failing after a period of time (minutes).
It works when sshd first starts, but then after a period of time it will fail. After failure, I can still ssh in using the hostname, just not using the dyndns name.
I've tried the suggestions at 3.3 here (http://www.openssh.org/faq.html) but have had no result.
I've got no idea why this is happening! Why would it work to start with, but then later fail?
All my packages are current as at today, and sshd_config looks like this:
# OpenBSD: sshd_config,v 1.75 2007/03/19 01:01:29 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
Port 443
Protocol 2
ListenAddress 0.0.0.0
#ListenAddress ::
# HostKey for protocol version 1
#HostKey /etc/ssh/sshhostkey
# HostKeys for protocol version 2
#HostKey /etc/ssh/sshhostrsa_key
#HostKey /etc/ssh/sshhostdsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768
# Logging
#obsoletes ~QuietMode and ~FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
LoginGraceTime 120
PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
# For this to work you will also need host keys in /etc/ssh/sshknownhosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ~ChallengeResponseAuthentication mechanism.
# Depending on your PAM configuration, this may bypass the setting of
# PasswordAuthentication, ~PermitEmptyPasswords, and
# "PermitRootLogin without-password". If you just want the PAM account and
# session checks to run without PAM authentication, then enable this but set
# ChallengeResponseAuthentication=no
#UsePAM no
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression yes
#ClientAliveInterval 0
#ClientAliveCountMax 3
UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10
# no default banner path
#Banner /some/path
# override default of no subsystems
Subsystem sftp /usr/lib/ssh/sftp-server
Any ideas?
Thanks,
cl
Offline
#2 2010-10-06 20:18:40
- ewaller
- Administrator
- From: Pasadena, CA
- Registered: 2009-07-13
- Posts: 19,876
Re: ssh using DNS fails after a period of time
Any chance someone in the middle is blacklisting you? Like your company's (your school / your coffee shop) IP department detecting a dynamic DNS and shutting down access?
Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way
Offline
#3 2010-10-06 21:02:53
- clearloon
- Member
- Registered: 2009-01-07
- Posts: 79
Re: ssh using DNS fails after a period of time
possible, however the issue has arisen for both my home and work connections within the last 2 weeks. Seems unlikely they'd both blacklist at the same time. Also, it does work from both initially - it just drops after 30 minutes or so...
Offline
#4 2010-10-07 10:58:56
- R00KIE
- Forum Fellow
- From: Between a computer and a chair
- Registered: 2008-09-14
- Posts: 4,734
Re: ssh using DNS fails after a period of time
I would check if you are not getting a new IP after a connection drop, that might cause trouble with dyndns.
Do a dns lookup and check that you get the correct IP and not something like 127.0.0.1 or your previous IP. You can also try to connect using IP only after you start having problems and check if the problem is with dns or something else. Check the logs and look for anything suspicious.
R00KIE
Tm90aGluZyB0byBzZWUgaGVyZSwgbW92ZSBhbG9uZy4K
Offline
#5 2010-10-12 19:05:03
- clearloon
- Member
- Registered: 2009-01-07
- Posts: 79
Re: ssh using DNS fails after a period of time
Meh. Same thing's happening when I use an IP address. Am investigating router/ISP issues...
Offline