Skip to main content

Reverse Mapping failed for SSHD

http://www.electrictoolbox.com/reverse-mapping-possible-break-in-ssh/


See snippet below...
Connecting from the command line, you might enter something like this:
1ssh my.example.com
and get some output like this:
1Connecting to my.example.com...
2reverse mapping checking getaddrinfo for 192-168-1-243.foo.bar.net failed - POSSIBLE BREAK-IN ATTEMPT!
3chris@my.example.com's password:
What this is telling us is that although we are connecting to my.example.com the IP address of the server we are connecting to actually maps back to 192-168-1-243.foo.bar.net in this example. When this actually happened to me, it's because the reverse DNS had not been set up for the server (which would map e.g. 192.168.1.243 to my.example.com as well as vice versa).

Hosts file solution

Because I knew this reverse mapping was OK, I can add an entry to my hosts file and it will stop the error message from happening. For the above example, I would add the following to my hosts file:
1192.168.1.243  my.example.com

Comments

Post a Comment

Popular posts from this blog

Changing Password - in AD, when you're changing one of your other accounts, not the logged in account

  Use Powershell  Step 1 - Put your existing password in a Secure String  $oldPassword = Read-Host "Your old Password" -AsSecureString  Step 2 - Start the password change set-AdAccountPassword -Identity paul-admin -OldPassword  $oldPassword Step 3 - Enter your new password You'll be prompted for your new password... Please enter the desired password for 'CN=xxxx,OU=Admin Users,OU=Users,OU=Privileged,DC=CAIS,DC=com,DC=edu,DC=au' Password: ************************** Repeat Password: **************************
Post a Comment
Read more

Tip to create an underline on a heading shorter than the heading itself

You can use a pseudo element with :before (or :after ): h1 { font - weight : 300 ; display : inline - block ; padding - bottom : 5px ; position : relative ; } h1 : before { content : "" ; position : absolute ; width : 50 %; height : 1px ; bottom : 0 ; left : 25 %; border - bottom : 1px solid red ; } http://jsfiddle.net/9e27b/ This is another solution that centers the heading, the problem here is that the underline gets shorter as the column gets shorter. h2 {   display: inline-block;   padding-bottom: 15px;   position: relative;   width: 100% ;   text-align: center; } h2:before{     content: "";     position: absolute;     width: 8%;     height: 1px;     bottom: 0;     left: 46%;     border-bottom: 1px solid red; }
Post a Comment
Read more

The web.config no extension mime problem Lets Encrypt on IIS/Windows

  Tip when using LetsEncrypt in Windows - Feature Requests - Let's Encrypt Community Support In a paragraph, just use the web.config file to set the mime type, eg...  After trying to figure out why my Lets Encrypt failed to generate in Windows, and discovering that it's the no extension mime type problem, I wondered whether certbot could fill in the missing gap. All that is needed is the following web.config file to be placed in the same directory as the challenge <?xml version="1.0" encoding="UTF-8"?> <configuration> <system.webServer> <staticContent> <mimeMap fileExtension="." mimeType="text/xml" /> </staticContent> </system.webServer> </configuration> Because there's no mime type for files without an extension on IIS, IIS sends back a 404 when verification happens. The web.config file above sets the mime type. After I created the .well-known
1 comment
Read more