Anno domini 2019 Mon, 11 Feb 15:17:16 +0100 KatolaZ scripsit: > On Mon, Feb 11, 2019 at 11:25:03AM +0100, Dr. Nikolaus Klepp wrote: > > Anno domini 2019 Mon, 11 Feb 10:51:09 +0100 > > Didier Kryn scripsit: > > > Le 10/02/2019 à 18:19, Arnt Karlsen a écrit : > > > >> > > > >> There's nothing in the logs. It just takes verry long to start. > > > > > > > > > Tried to set LogLevel in sshd_config? > > > > > > or launch sshd with the -d option ? > > > > > > > > > Didier > > > > Hi! > > > > The problem only exists if all of these conditions are met: > > > > - kernel 4.19. from beowulf > > - network up, but DNS of ISP not reacting in time or dhcpcd did not get a > > lease > > - sshd_config has "UseDNS yes" > > - first try to start sshd after boot > > > > The problem is solved by "UseDNS no" in sshd_config. > > > > Now that sshd uses DNS on first startup is quite surprising - at least it > > was for me. > > > This is something you must have specified in your sshd_config, since > the default for sshd is to *not* UseDNS. From `man sshd_config`: > > UseDNS Specifies whether sshd(8) should look up the remote host name, > and to check that the resolved host name for the re‐ > mote IP address maps back to the very same IP address. > > If this option is set to no (the default) then only addresses > and not host names may be used in > ~/.ssh/authorized_keys from and sshd_config Match > Host directives. > > So sshd is trying to make sure that the IP it is listening on actually > maps back to the hostname. > > My2Cents > > KatolaZ >
hi! I have taken over the suggested sshd_config from the package. The line that was in sshd_config said: # UseDNS no But this line actually leads to sshd waiting for DNS (maybe) to become ready or timeout. I have not yet have time to figure out what sshd is waiting for. Nik -- Please do not email me anything that you are not comfortable also sharing with the NSA, CIA ... _______________________________________________ Dng mailing list [email protected] https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
