Ubuntu Servers :: OpenSSH Reverse Lookup Using /etc/hosts Before Nameserver?
Apr 6, 2010
Like many others I'm running into some reverse lookup issues with SSH. Setup is as follows:
localnet setup
myserver - 192.168.0.x
myworkstation - 192.168.0.y
[Code].....
nslookup tests show that my reverse lookup is functioning correctly. However, if I use "myworkstation" to connect to myserver.mydomain.com using an external nameserver SSH says: "Address 84.162.xx.yy maps to myserver.mydomain.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!"
On myserver the /etc/hosts has the internal address for the server which seems the normal way to go to me. Changing this to the servers external address solves the issue.
Apparently a connection originating from myworkstation arrives from/with my external address, and when its reverse is checked by the server it apparently finds its own internal address for that name in /etc/hosts before doing a nameserver query and thus concludes that internaladdress <> externaladdress which gives the error.
Is there any way to have the server check external DNS before /etc/hosts? Another solution would probably be running an internal DNS, so myworkstation doesn't connect through the 'outside'.
View 1 Replies
ADVERTISEMENT
Apr 1, 2011
I'm at a loss to why my reverse lookup zone doesn't work for me.I've got two views. One internal and one external. My domain is isp2.datornatverk.se. Public IP: 130.240.133.81.
dig -x @8.8.8.8 130.240.133.81
gives me:
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2917
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
I've set it up so that the internal subnets gets the domains resolved to the internal IP-addresses. When querying from external addresses I will get public IP.My named.conf.local file:
Code:
acl internals {
127.0.0.0/8;[code]..........
I don't know whether the views has messed something up. It worked before I added the views.
View 3 Replies
View Related
Oct 12, 2009
I am using RHEL5. These are my config files:
Code:
options {
listen-on port 53 { 127.0.0.1; 192.168.14.54; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
[code]....
View 3 Replies
View Related
Jan 12, 2011
The scenario: We have an external server that runs HTTP/DB servers for out shop system. Then, there's our local, in-house infrastructure that runs a.. yeah... Exchange 2010. The shop system on the external server needs to send mails to customers (order confirmations, invoices, etc.). seing as sending them directly through the local MTA (Postfix) would cause mail delivery problems because of reverse DNS issues, i've set the Postfix MTA to act as a satellite to our in-house Exchange Server, so the Exchange sends the mail instead, giving recipient mail servers a valid reverse DNS lookup.
Now, mails sent by the (proprietary, uneditable) shop system are relayed correctly and sent to the target e-mail address. My problem is: Mails not sent by the shop system, but by our own PHP scripts which run on that same external servers, are NOT relayed properly. So the Exchange is fine with the mails sent by the shop system, but not the mails sent by our scripts. This is what i get in the mail.log: The successfully relayed mail sent by the shop system:
[Code]....
View 2 Replies
View Related
Sep 27, 2009
Reverse dns lookup in C?
View 3 Replies
View Related
Oct 23, 2009
I have the following bind9 configuration, and I'm trying to resolve reverse lookup IP address to name.
$ttl 38400
mydomain.org.INSOAmyhosting.com. (
1243281304
10800
[code]...
** server can't find 1.2.3.4.in-addr.arpa: NXDOMAIN
Is my PTR wrong, or what do I need to have the reverse lookup working ?
Note: I replace real IP by 1.2.3.4, same for my domain name.
View 4 Replies
View Related
Oct 4, 2009
I have a file consisting of unique IP addresses - one per line I want to find the name of the host for each address. I tried the following:
Quote:
nslookup < file_name
This worked except it gives me a lot of extraneous information such as the servers providing the answers. This is too much information for me and would simply like each line of IP numbers to be replaced with a domain name. I tried using the same strategy using host and hostname and dig but I must have given the wrong command as I had no results.
View 3 Replies
View Related
Jun 3, 2011
I've got 2 domains:
[URL]
This is how I've configured my resolv.conf file:
[URL]
When I run the host command, it can resolve machines in one.domain.com using both hostname and ipaddress. But when I run the host command for machines in two.domain.com, it only works for hostnames but not ip addresses. The result for ip addresses is:
Host 100.3.2.1.in-addr.arpa not found: 3(NXDOMAIN)
Why doesn't it try the 2nd nameserver in the resolv.conf file when resolving by ip adddress? Reverse pointers are configured for each machine in their respective domain dns servers. O/S is Oracle VM Server 2.2.1 (similar to Red Hat). Kernel is 2.6.18-128.2.1.4.37.el5xen.
View 4 Replies
View Related
Apr 13, 2011
I'm trying to pass multiple dpmains thru one ubuntu server to various hosts on my local network.
[url] should be sent to the /var/www folder on the local host.
[url] should be forwarded to an IIS box on my local network (owa.nunya.local)
[url] should be sent to another ubunto box on my local network (smtp.biznet.net)
I have tried placing VirtualHost entries in /etc/apache2/sites-available/default and [url]and [url] both work but [url] gets forwarded to the c:inetpub folder on the IIS box.
View 2 Replies
View Related
Apr 26, 2010
I got this message on Friday from just one domain. uote:mailsrv.forthnet.gr #<mailsrv.forthnet.gr #5.5.0 smtp; 554 5.5.0 Your message was considered to be spam by the FORTHnet Antispamming Policy and was not delivered to the recipient. The following spam tests returned positive for this message:FORGED_RCVD_HELO,RCVD_IN_BRBL. For further information visitWe are not a spamming community but it seems we have a statice IP address that has a Reverse lookup to "myipaddress.static.lyse.net" and not my email domain. Would setting a cname mail.mydomain.no -> myipaddress.static.lyse.net cure this problem or are there more tricks to be performedOnce I have cured the FORGED_RCVD_HELO I can move to getting the IP removed from BARACUDA.
View 2 Replies
View Related
Jan 17, 2011
[Code]....
What I want: multiple virtual hosts with ssl and only 1 ip address: In my example: server = 192.168.227.129
[Code]....
View 9 Replies
View Related
Sep 19, 2010
I have a small webserver running ubuntu server 10.4. It runs fine except after every reboot, I get DNS errors. I have to manually edit /etc/resolv.conf to add:
Code:
nameserver 192.168.1.1
The address of my internet gateway on my LAN. Obviously I am ignoring the warning in resolv.conf that this will be overwritten.
View 2 Replies
View Related
Jan 11, 2010
does anyone know of a good site/book/guide to learn about linux web server administration?
and also how do you find the your own nameserver numbers? would that just be the IP of my web server?networking isn't my forte, but i do intend to learn with this project.
View 5 Replies
View Related
Aug 15, 2010
How can I have /etc/resolv.conf point to my router address as the nameserver nameserver 192.168.1.1
instead of picking up the ISP's DNS servers and using that as the nameserver entries? Reason being I have more than one ISP account, and when I change I do not want to have to remember to restart the networking service. because i often forget.
View 4 Replies
View Related
Jan 24, 2010
Why would this iptables cause this mail delivery error? I think it's to do with dns lookups not being routed properly... if remove the last rule, mail works fine.
ssh is also very slow to connect when the last rule is enabled.
postfix mail error:
Code:
Jan 24 11:32:18 xxxx postfix/smtp[15065]: 9F2162C519: to=<xxxxx@hotmail.com>, relay=none, delay=1005, delays=965/0.01/40/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=hotmail.com type=MX: Host not found, try again) iptables
[Code]....
View 1 Replies
View Related
Sep 11, 2010
When ever I try to sftp or even ssh into my server I get connection refused.
I have the port forwarded in my router.
What am I missing?
Also I have installed Ngnix so what do I need to do for it to work?
View 5 Replies
View Related
May 8, 2010
I'm trying to get openssh-server working so I can stop using the family TV and just SSH from my laptop. I've only just installed 10.4 server edition, and I've made a change to /etc/apt/sources.lst by removing the # in front ofdeb cdrom:[Ubuntu-Server 10.04 LTS Anyway I run:sudo apt-get install openssh-server
Code:
Reading package lists... Done
Building dependancy tree
[code]....
View 7 Replies
View Related
Jul 27, 2010
I would like to upload files via ftp or sftp to my web directory at /var/www/...
Originally I had installed openssh-server (through apt-get, before learning about tasksel). I assumed this only had ssh support and not ftp, so after a quick search, I installed vsftpd. I would like to learn how to configure openssh, and I mention vsftpd in case there is a conflict.
Right now I am able to log in to my server box through ssh/ftp, but I can only modify my home directory. I created a directory: /var/www/andrew and set permissions to drwxr-xr-x. I am unable to upload files to this folder.
What do I have to do to resolve this, and is there anything else I should know about my situation?
View 3 Replies
View Related
Jun 12, 2011
I'm running Ubuntu 10.04 LTS and I have installed openssh.I need to find a way to configure it so that it never start up when I boot into my computer. The reason is: I haven't had the time yet to learn how to set it up and configure it correctly. Until that time comes I don't want it to run at all.Every single time I boot into the system and I have to do that first before I can even do what I really need to on the computer. It's annoying.Does anyone know the best and least complicated way to just make it not run at all until I'm ready to set it up properly?Also how to check what is running on my system after I boot up so I can double check, after making the changes, that it worked right.
View 9 Replies
View Related
Jul 6, 2011
I'm new around here and pretty new to ubuntu and linux in general. I am setting Up an sftp server. I set it up using openssh and it worked fine for a few months. Then recently we experienced a power outage. Now the server will boot fine, all users can login locally, but when they try to login remotely they enter their user info and then are denied with some generic network error. Again, being a noob at this I tried to trouble shoot this a little bit but I'm not quite sure what to look for. I believe the ssh service is running but I don't know what else to look for.
View 9 Replies
View Related
Nov 11, 2010
How to configure openssh, /etc/sshd_config on a new installation of Fedora Core 14? [since tt does not work right out of the box, I cannot ssh into it]
View 2 Replies
View Related
May 11, 2010
A first server with apache2 installed and configured as reverse proxy, that works great, with this version:
That works mostly, but fail with an oma (outlook mobile access) redirection
It works for all reverse sites hosted, but when we try to connect to oma using a nokia phone, it fails.
I can see in access.log that it hangs on FolderSync istance.
I've used wireshark to sniff packets, and in oma server I can see only three way handshaking coming...
My doubt is: when I'll upgrade working server, also it will not work anymore...
Configurations are the same (I've copied /etc/apache2 folder from running one to new one).
View 1 Replies
View Related
Aug 22, 2010
I am trying to create solution with Reverse Proxy, mod_proxy and mod_proxy_connect. I haven't really used this before so I am just curious if I am doing it right. I have attached what I am trying to do plus a copy of the config:Here is my current requirement
We are going to have 3 servers, right now our top level domain is[URL] We have an E-Commerce Server in Production Right now that already has an SSL Cert on it so right now the production server for E-Commerce is [URL] However, as we are growing, we don't want to use subdomains, so instead, we want to use the reverse proxying feature on apache. We are running mostly windows servers and IIS for the E-Commerce, CMS and the Wordpress Server. Assume the following -
Apache Proxy Server 10.100.10.60
E-Commerce Server 10.100.10.3 (www.ooolalashop.com)
Content Management Server 10.100.10.3 (cms.ooolalashop.com)
Word Press Blog Server 10.100.10.3 (blog.ooolalashop.com)
1) We need the following mapped
[URL] - maps to ecommerce server - since ssl cert is going to stay on the server, on the proxy we just create a static host that points to the e-commerce server
[URL]
All of these should be pretty easy to reverse proxy
2) We need to be able to proxy the SSL connection or have it pass through to the server on the back end with the domain [URL] right now we are getting some errors Here is the error I get with SSL [Sun Aug 22 01:51:30 2010] [warn] proxy: No protocol handler was valid for the URL /. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
Here is a copy of the config
<VirtualHost *:80>
ServerAdmin support@cometcomputing.com
ServerNamewww.ooolalashop.com
DocumentRoot/var/www/ooo
[code]....
View 1 Replies
View Related
Feb 3, 2011
we have an ubuntu server (10.04 LTS) with apache2 (2.2.9) and mod_proxy + proxy_balancer enabled.Reverse proxy works greatly, but I can't get load balancing working. Apache connect always to first member.
My configuration is as follow:
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Proxy balancer://test>
[Code]...
View 6 Replies
View Related
Mar 14, 2011
I have a reverse proxy set up with squid. I'm going to try and explain what it's doing and I apologize for it being confusing, I'll do the best I can to describe my problem. First, it's for our phone system. We run a ShoreTel Voip system. The owner has decided he wants me to setup MCM (Mobile Call Manager), which from what I can see is an under developed, and almost impossible to get help with Shoretel software. But he's convinced he needs it for his Iphone. It's supposed to, in a nutshell, turn his Iphone into his work phone with all the advantages and doodads that come with it. Apparently, "they have an app for that". On the server side, I need to setup a reverse proxy back into the network on our phone server. Simple enough, I did this with squid. I used the following lines:
Code:
http_port 80 accel defaultsite=172.17.137.7
cache_peer http://172.17.137.7 parent 80 0 no-query originserver name=myAccel
acl our_sites dstdomain http://172.17.137.7
[code]....
Code:
always_direct allow all It most definitely is allowing traffic back to the phone server, the problem is, it hands out my internal server address to the outside client. So for instance, if I connect to the outside routable address with my phone, it will immediately change the url to http://172.17.137.7 which is the inside nat address of my phone server. Which of course doesn't work, since I couldn't browse to that address from the outside. It does however work from the inside of the network, obviously because 172.17.137.7 is accessible from the inside.
View 4 Replies
View Related
Jul 26, 2011
I am looking at using reverse SSH tunnels to manage servers on client sites. I have played around with reverse tunnelling, and have it working on one server back to my middle man server from which I can SSH across from my own PC. All working fine. When I scale this up to 100+ servers reverse tunnelling in, usernames & passwords become a pain, so I'd prefer to use RSA keys instead. My question, finally you might say, is this, to successfully ssh from my PC to the remote server, do the RSA keys need to be on the middle man server as well, or is it just my PC and the remote server?
View 1 Replies
View Related
Apr 16, 2010
I have a scenario.A domain [URL].. then there are 4 private computers on which applications are hosted at port 80. So when some one from outside access the site it look [URL]..I added
[Code]...
View 1 Replies
View Related
Feb 18, 2011
the apche2.conf and vhost file I gave the link are the machine on LAN when site is actually hosted.When some one from internet access the site then I expect a log of IP in access.log instead of which I see the IP of machine which is working as Reverse Proxy server for all such requests.What mistake did I do above.
View 4 Replies
View Related
May 26, 2010
I am having a few websites running in a Reverse Proxy scenario on Ubuntu Server 10.04. The configuration is like this:
Code:
|--------------192.168.1.1
| (site1.abc.com)
|
|--------------192.168.1.2
| (site2.abc.com)
|
|
|
|
|--------------192.168.1.3
| (site3.abc.com)
|
|
|
|
|--------------192.168.1.4
| (site4.abc.com)
(Public IP ) |
A-------------------|
(reverse proxy server) |
(192.168.1.25) |
|--------------192.168.1.5
| (site5.abc.com)
|
Except one all websites are running properly and being redirected to their respective domains.
Following is the configuration which I used for each site define on server A a vhost file which contains following
Code:
# ProxyPass / http://<Ip of Server>
# ProxyPassReverse / http://<Ip of Server>
So if I have 5 websites then I have 5 vhost file on the gateway in above diagram A and in each of those file as above root of site is redirected to internal IP. 4 of them are running properly. The fifth website is running on port 8080:/keyword. So in its vhost file on gateway I defined
Code:
# ProxyPass / http://<Ip of Server>:8080/keyword
# ProxyPassReverse / http://<Ip of Server>:8080/keyword
I can see on Lan http://<Ip of Server>:8080/keyword but when from internet I try to see:
http://site5.abc.com
I get redirected to a page is https://site5.abc.com:8443/ and it says
Code:
The webpage at https://site5.abc.com:8443/ might be temporarily down or it may have moved permanently to a new web address. The site5.abc.com has a requirement to be run at port 8080 internally and it is not a Ubuntu server.(Red Hat based server). While rest all are Ubuntu servers including gateway A.
View 1 Replies
View Related
Jan 21, 2010
I don't know if I'm posting in the right box - I'm new to both Ubuntu and this forum so please bear with me. Thing is, I spent almost 2 days trying to find a web server that meets my likes. I tried like almost every well known web server, be it Apache, Lighttpd, Nginx, and Cherokee, one by one. For each I was successfully in getting PHP up and running, but was never able to configure the virtual hosts.
I'm 99.99% sure that I - for multiple times - followed correctly the online how-to's. Especially Cherokee, I did exactly the screencast (which is just 2 steps, as Cherokee has a GUI for virtual server setups). Strange enough, with each web server the virtual hosts thing never worked for me. I always received "Server not found" error. I tried with Firefox and Google Chrome. Currently I'm on an Ubuntu 9.10 (32bit) box - I reinstalled this one over the 64bit, to vain.
Don't know if it's a problem with my DNS, but I have another machine running Windows 7 with the same DHCP settings (means same DNS and IP range). Virtual hosts work fine there on an XAMPP installation.
View 9 Replies
View Related
