I currently have a LAMP server running CentOS 7 on a private cloud.
I have had a request from one of my clients that they would like to SFTP on to the server using a key.
I have done this and it currently works for me using FileZilla, but when they try this they are unable to connect and get asked for the password. Upon checking the secure log on the server, I can see that they have tried to connect to the server but have been marked as a possible intrusion attempt; see the entry below:
reverse mapping checking getaddrinfo for subdomain.domain.com [XX.XX.XX.XX] failed – POSSIBLE BREAK-IN ATTEMPT!
From my understanding this is an issue with their rDNS settings for the subdomain or am I missing something? Additionally is it possible to allow connections from this domain in any configuration files?
Any advice would be appreciated.
Best Answer
The typical reason you see that warning is that the reverse DNS record for an IP-address used to connect to your SSH server resolves to a hostname, but that hostname either doesn't exist at all or it doesn't map back to the same IP-address.
Either:
UseDNS no and GSSAPIAuthentication no in your /etc/ssh/sshd_config
/etc/hosts
Regardless, that message is, as far as I know, only a warning and not actually the reason your clients can't log in.
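
The check described in the answer (reverse lookup of the connecting address, then a forward lookup of that name which must map back to the same address), as an added Python example that is not part of the original answer. The function names and result labels are hypothetical; it uses the system resolver unless other lookup functions are passed in.

```python
import ipaddress
import re
import socket

# Matches the sshd warning quoted in the question.
WARNING_RE = re.compile(
    r"reverse mapping checking getaddrinfo for (?P<host>\S+) "
    r"\[(?P<ip>[^\]]+)\] failed"
)


def parse_warning(line):
    """Return (hostname, ip) from an sshd reverse-mapping warning, or None."""
    m = WARNING_RE.search(line)
    return (m.group("host"), m.group("ip")) if m else None


def _system_reverse(ip):
    # PTR lookup: address -> primary hostname
    return socket.gethostbyaddr(ip)[0]


def _system_forward(host):
    # A/AAAA lookup: hostname -> set of address strings
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def check_fcrdns(ip, reverse=_system_reverse, forward=_system_forward):
    """Classify a client address by its forward-confirmed reverse DNS state.

    Returns one of (hypothetical labels):
      "no-ptr"                 no reverse record for the address
      "ptr-name-unresolvable"  PTR names a host that does not resolve
      "forward-mismatch"       PTR name resolves, but not back to this address
      "ok"                     PTR name resolves back to this address
    """
    addr = ipaddress.ip_address(ip)
    try:
        host = reverse(ip)
    except OSError:  # socket.herror and socket.gaierror are OSError subclasses
        return "no-ptr"
    try:
        # Strip any IPv6 zone id ("%eth0") before comparing addresses.
        addrs = {ipaddress.ip_address(a.split("%")[0]) for a in forward(host)}
    except OSError:
        return "ptr-name-unresolvable"
    return "ok" if addr in addrs else "forward-mismatch"
```

Running `check_fcrdns` with the client's address from the machine hosting sshd shows which side of the DNS setup the client needs to fix.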