SSH连接时报错警告消息:Reverse Mapping Checking – Possible Break-in Attempt Error with SSH

今天使用SSH连接vps,出现警示消息:

[feng@fsc ~]$ ssh root@v.path8.net
Address 173.245.70.75 maps to domain.not.configured, but this does not map back to the address – POSSIBLE BREAK-IN ATTEMPT!

上网查询得到如下内容http://blog.csdn.net/dingxy/archive/2008/05/05/2394900.aspx,好像是跟ip反解析有关,不影响ssh的使用,于是不过多管它。

今天在使用SCP的时候遇到个一个error,如下:
reverse mapping checking getaddrinfo for XXX.XXXX.com failed – POSSIBLE BREAKIN ATTEMPT!^M

我用ssh 连接了一下XXX.XXXX.com,同样的问题
reverse mapping checking getaddrinfo for sXXX.XXXX.com failed – POSSIBLE BREAKIN ATTEMPT!
Last login: Mon May  5 16:50:08 2008 from 192.168.82.128

但是,还是能进入 XXX.XXXX.com。

找到以下解释:

Reverse Mapping Checking – Possible Break-in Attempt Error with SSH
Posted May 2nd, 2008 in Linux/Unix/BSD

When you connect to a host using SSH or SFTP it does a series of checks to ensure you are connecting to the host you are expecting to connect to. One of these is a reverse lookup on the IP address to check the hostname is the same as the hostname you are connecting to. If it’s not, you’ll get an error message like “reverse mapping checking getaddrinfo for … POSSIBLE BREAK-IN ATTEMPT!”. The post looks at a solution to this message.

当使用SSH或SFTP连接某个host时,会有一系列的检查以保证你能够连接到你想连接的机器。其中一项是 “reverse lookup on the IP address”检查机器名称和你要连接的机器名称一致。否则,你会得到这样一个错误信息:”reverse mapping checking getaddrinfo for … POSSIBLE BREAK-IN ATTEMPT!”.

Connecting from the command line, you might enter something like this:

ssh my.example.comand get some output like this:

Connecting to my.example.com…reverse mapping checking getaddrinfo for 192-168-1-243.foo.bar.net failed – POSSIBLE BREAK-IN ATTEMPT!
chris@my.example.com’s password:What this is telling us is that although we are connecting to my.example.com the IP address of the server we are connecting to actually maps back to 192-168-1-243.foo.bar.net in this example. When this actually happened to me, it’s because the reverse DNS had not been set up for the server (which would map e.g. 192.168.1.243 to my.example.com as well as vice versa).

这是告诉我们,尽管我们在连接my.example.com ,但是实际上该server的IP 地址对应到192-168-1-243.foo.bar.net 。但这个发生的时候,就是因为server 上的reverse DNS 没有设置好。
举例说,应该是把192.168.1.243 映射到 my.example.com 。

Because I knew this reverse mapping was OK, I can add an entry to my hosts file and it will stop the error message from happening. For the above example, I would add the following to my hosts file:

192.168.1.243  my.example.com,Now when I log in using SSH from the command line I won’t get that error message any more.

这里有一个解决方法,修改ssh配置文件,让这个消息不再显示。

from http://iceskysl.1sters.com/?p=478

Get POSSIBLE BREAK-IN ATTEMPT msg when i ssh to s server

when i ssh to a server,i get some message like this:

Address 192.168.5.12 maps to localhost, but this does not map back to the address – POSSIBLE BREAKIN ATTEMPT!

Solution:

Modify the “/etc/ssh/ssh_config” file at localhost

GSSAPIAuthentication no

exp:

ssh 192.168.1.110时报错上述错,本地是192.168.1.20 ,则修改本地192.168.1.20中的/etc/ssh/ssh_config,把参数GSSAPIAuthentication no修改就可以了。。或者修改服务器端192.168.1.110上的/etc/ssh/sshd_config ,把参数GSSAPIAuthentication no改了也可以。要注意的是/etc/ssh/ssh_config和/etc/ssh/sshd_confg的区别。




coded by nessus
发表评论?

0 条评论。

发表评论