Sorry about the slow reply, but yes as has been suggested here, I have
updated the sshd config to refuse connections from machines with no DNS
entry, or with mis-matched reverse DNS lookups. This has eliminated 90%
of the brute force login attempts so I'm loathe to remove it.
If you can get your machine suitably registered in a dns that should
sort the problem.
Duncan
-----Original Message-----
From: Starlink development [mailto:[log in to unmask]] On Behalf Of
David Berry
Sent: 23 June 2005 13:00
To: [log in to unmask]
Subject: Re: CVS access
Thanks for the ideas. I'll have a chat with our sys admin.
David
On Thu, 23 Jun 2005, Rankin, SE (Stephen) wrote:
> Peter,
>
> Yes, there are a lot of google search links that say similar things,
> it may be David end that is the problem.
>
> Steve.
>
> -----Original Message-----
> From: Starlink development [mailto:[log in to unmask]] On Behalf
> Of Peter W. Draper
> Sent: 23 June 2005 10:42
> To: [log in to unmask]
> Subject: Re: CVS access
>
> On Thu, 23 Jun 2005, David Berry wrote:
>
> > > Are you using keys? Can you ssh into the system as normal?
> >
> > I've tried it with and without keys - no difference. I get the same
> > message when I try a direct ssh into the system:
> >
> > [dsb@sl5 cvs]$ ssh cvs.starlink.ac.uk
> > ssh_exchange_identification: Connection closed by remote host
>
> The most likely reason for this is that the machine you're connecting
> from isn't correctly DNS registered, so the reverse lookup fails and
> the connection is refused. Alternatively your machine may be failing
> to match
> the allowed addresses in hosts.allow or hosts.deny, so (reading
message
> just arrived from Steve), that's over to Duncan or your sysadmin.
>
> Peter.
>
|