SSH Login delay
dsr at tao.merseine.nu
dsr at tao.merseine.nu
Tue Feb 15 21:14:04 EST 2005
On Tue, Feb 15, 2005 at 05:51:54PM -0500, David Cass wrote:
> Thanks for your prompt and helpful response. Well, I have found that after
> the "time out" delay, SSHD puts a log entry in the MESSAGES log file which
> says:
>
> Feb 15 17:48:10 vps sshd(pam_unix)[29954]: authentication failure; logname=
> uid=0 euid=0 tty=NODEVssh ruser= rhost=xx.xx.xxx.xxx user=<username>
>
> But how can it report an authentication failure before it asks for the
> password?
It says it's trying to authenticate against pam_unix with an
rhost IP. Sounds like it's looking for an rhosts.equiv and
failing, probably with a nonexistent reverse DNS lookup.
Disable rhost auth anyway; you don't want that. Do you have a
reverse DNS entry for the machine you're logging in from?
-dsr-
More information about the Discuss
mailing list