Vyos_ssh_login_failed when uplink down

Aloha,
I have a problem,
when my uplink is down, I cant login via SSH,
only via console is possible
I see this error message:

Dec 01 05:32:21 sshd[2443007]: reverse mapping checking getaddrinfo for host [10.1.2.3] failed.
Dec 01 05:32:42 agetty[1065217]: checkname failed: Operation not permitted

Im currently on version

sh vers
Version: VyOS 1.4-rolling-202306020317
Release train: current

Built by: autobuild@vyos.net
Built on: Fri 02 Jun 2023 03:17 UTC
Build UUID: fdd8d4b3-7653-497b-9ee4-1fa1724bdbe9
Build commit ID: 2770af2c9e2145

So probably it has somehting to do with DNS resolution?
But I think its very bad, when DNS does not work, that ssh login does not work either.

Thanks
Marcel

Please try to reproduce this again after you’ve upgraded, might have been a bug as well.

Hello,
actually I believe its nor a bug.

sshd[4411]: reverse mapping checking getaddrinfo for hostname [10.1.2.3] failed.

That looks a normal reverse DNS lookup for my ssh client, when I login to the router.
Why its fails when uplink is done, Im not sure, maybe its just a long timeout.
I changed now in the sshd config:
/etc/ssh/sshd_config

UseDNS no

Because anyway for any ssh login:
It makes sense:
a) to see the real IP, form where the login came and and not any DNS name
b) SSH login should not depend on any other service

Question is, why is this not default, and would it make sense to change it to default?

Cheers
Marcel

The thing is, the file /etc/sshd/sshd_config isn’t used for SSH at all
What you need to configure is:

set service ssh disable-host-validation

Generated config located /run/sshd/sshd_config

Thanks 1 Million time.
I dont know, why I overlooked this in this CLI.
Sorry, for not looking there.
IMHO that would be a good default.

Cheers
Marcel

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.