LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 03-06-2014, 01:24 AM   #1
sachin.davra
Member
 
Registered: Jul 2013
Posts: 213

Rep: Reputation: Disabled
ssh to xxx.xxx.xxx.xxx


Code:
reverse mapping checking getaddrinfo for swift.gai.net.50.168.192.in-addr.arpa [192.168.50.3] failed - POSSIBLE BREAK-IN ATTEMPT!
when i am trying to ssh to server, i am getting above msg. may i know what entry needs to be done in dns. how ever i have already mapped this in dns in reverse and forward zone also.

Last edited by sachin.davra; 03-06-2014 at 02:00 AM.
 
Old 03-06-2014, 04:49 AM   #2
Smokey_justme
Member
 
Registered: Oct 2009
Distribution: Slackware
Posts: 534

Rep: Reputation: 203Reputation: 203Reputation: 203
That IP is a local one, so things are a little more (not by much) complicated since your DNS server should not try to resolve this request outside your network...
So first you should have a zone for this reverse names in 'named.conf' on your DNS server:

Code:
zone "50.168.192.in-addr.arpa" {
  type master;
  file "revp.50.168.192";
};
Then, be sure one of your A records match that of the PTR record for that IP..

Also, be sure that your server does check your local DSN first..

Here's a nice, small tutorial for something similar: http://www.madboa.com/geek/soho-bind/
 
Old 03-06-2014, 09:30 PM   #3
sachin.davra
Member
 
Registered: Jul 2013
Posts: 213

Original Poster
Rep: Reputation: Disabled
Actually reverse zone in named.conf is already configured and it is configured to look for local dns first. However i get this error when i try to ssh to that server only.
 
Old 03-07-2014, 01:12 AM   #4
Smokey_justme
Member
 
Registered: Oct 2009
Distribution: Slackware
Posts: 534

Rep: Reputation: 203Reputation: 203Reputation: 203
Hmm.. try using nslookup or dig from that server to see how it resolves the address..

Code:
dig -x 129.168.50.3
 
Old 03-07-2014, 01:30 AM   #5
sachin.davra
Member
 
Registered: Jul 2013
Posts: 213

Original Poster
Rep: Reputation: Disabled
Code:
[sachin.davra@GAIDL-5015 ~]$ ssh root@192.168.50.3
reverse mapping checking getaddrinfo for swift.gai.net.50.168.192.in-addr.arpa [192.168.50.3] failed - POSSIBLE BREAK-IN ATTEMPT!
root@192.168.50.3's password: 
Last login: Fri Mar  7 05:05:41 2014 from 192.168.0.125
[root@swift ~]# dig -x 192.168.50.3

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> -x 192.168.50.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18207
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;3.50.168.192.in-addr.arpa.	IN	PTR

;; ANSWER SECTION:
3.50.168.192.in-addr.arpa. 86400 IN	PTR	swift.gai.net.50.168.192.in-addr.arpa.

;; AUTHORITY SECTION:
50.168.192.in-addr.arpa. 86400	IN	NS	GAIDL-5001.gai.net.

;; ADDITIONAL SECTION:
GAIDL-5001.gai.net.	10800	IN	A	192.168.50.1

;; Query time: 1 msec
;; SERVER: 192.168.50.1#53(192.168.50.1)
;; WHEN: Fri Mar  7 06:29:47 2014
;; MSG SIZE  rcvd: 119
Here is what i got when i gave command as per your instruction in that server itself.
 
Old 03-07-2014, 02:28 AM   #6
Smokey_justme
Member
 
Registered: Oct 2009
Distribution: Slackware
Posts: 534

Rep: Reputation: 203Reputation: 203Reputation: 203
Hmm.. You're right, it does check the local DNS.. But it seems that this is the actual return from it : "swift.gai.net.50.168.192.in-addr.arpa."

Could you check if the DNS zone configuration file for reverse LAN IPs is ok.. The problem seems to be there.. Actually, Are you sure you're not missing the final dot?
From what I gathered, your line should look like this:
Code:
3 IN PTR swift.gai.net.
P.S. Thanks for ignoring the '129' typo in my previous post...
 
1 members found this post helpful.
Old 03-07-2014, 02:38 AM   #7
sachin.davra
Member
 
Registered: Jul 2013
Posts: 213

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Smokey_justme View Post
Hmm.. You're right, it does check the local DNS.. But it seems that this is the actual return from it : "swift.gai.net.50.168.192.in-addr.arpa."

Could you check if the DNS zone configuration file for reverse LAN IPs is ok.. The problem seems to be there.. Actually, Are you sure you're not missing the final dot?
From what I gathered, your line should look like this:
Code:
3 IN PTR swift.gai.net.
P.S. Thanks for ignoring the '129' typo in my previous post...
Thanks, Awsome knowledge.
It's solved. i was missing last dot when i was mapping ip to server name in reverse zone.

Marking it as solved.

Last edited by sachin.davra; 03-07-2014 at 02:38 AM. Reason: solved.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Error, some other host already uses address xxx.xxx,xxx,xxx ryan462 Linux - Networking 20 01-25-2010 12:14 AM
http://www.spamhaus.org/query/bl?xxx.xxx.xxx.xxx (Server cannot send email now!) RMLinux Linux - Server 3 05-08-2009 03:06 AM
smbclient -M xxx.xxx.xxx.xxx Doesnt Work DiscreetControl Linux - Networking 7 12-28-2007 11:50 AM
Problem getting connection with a DLink Router after setting static IP 10.xxx.xxx.xxx kezira Linux - Networking 1 11-09-2005 11:27 PM
Host XXX.XXX.XXX.XXX is not allowed to connect to this MySQL server ocavid Linux - Newbie 2 03-16-2005 10:40 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 01:49 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration