reverse mapping checking getaddrinfo for xxxxx [xxx.xxx.xxx.xxx] failed

by krisrowland

I had recently been getting a very slow (10 sec) ssh login time when accessing my home server from work. After checking my /var/log/auth.log file I found this error:

warning: /etc/hosts.allow, line 15: can’t verify hostname: getaddrinfo(work.host.com, AF_INET) failed

where work.host.com is the DNS name the ssh request returns when querying my work machine (actually the firewall/proxy address — as we’ll see). This particular error was fixed when I changed the host name for the host I had listed in my /etc.hosts.allowed file to a bare IP, not a DNS name. I still want to see if this can be worked around. I then unmasked the real problem after logging in again:

reverse mapping checking getaddrinfo for work.host.com [xxx.xxx.xxx.xxx] failed – POSSIBLE BREAK-IN ATTEMPT!

It turns out that, I guess because my work likes to keep my behind a proxy and firewall, that a reverse DNS request back to my work computer didn’t match the IP from which the ssh login attempt was sent. To fix this I just added the “work.host.com” (not the real name) to my /etc/hosts file in order to map the host name back to my real IP. I added a line like this to my /etc/hosts file:

xxx.xxx.xxx.xxx work.host.com

where xxx.xxx.xxx.xxx is the IP address of my work machine.

Incidentally, since my machine was behind a firewall/proxy, I had to determine its “real” external IP using the great site: ifconfig.me. The “IP Adress” item gave the IP of the firewall/proxy server, which is of no use when a DNS callback is wanting to find my machine. The “X-Forwarded-For” item, however, gave an external IP address for my actual machine; this was the IP I used in the hosts file above.

Thanks to ElectricToolbox for the tips!

I can now ssh in to my home server from work almost instantly.

Advertisements