# ssh name resolution bugged after glibc update [SOLVED]

## user124

hi all,

today i logged in remote machine HIDDEN.dyndns.org, emerged updates (glibc ans libxslt) on both local and remote.

```
1263274934: Started emerge on: Jan 12, 2010 06:42:14

1263274934:  *** emerge  sync

1263274934:  === sync

1263274934: >>> Starting rsync with rsync://140.211.166.165/gentoo-portage

1263275065: === Sync completed with rsync://140.211.166.165/gentoo-portage

1263275066:  *** terminating.

1263275151: Started emerge on: Jan 12, 2010 06:45:51

1263275151:  *** emerge --deep --update world

1263275157:  >>> emerge (1 of 2) dev-libs/libxslt-1.1.26 to /

1263275168:  === (1 of 2) Cleaning (dev-libs/libxslt-1.1.26::/usr/portage/dev-libs/libxslt/libxslt-1.1.26.ebuild)

1263275168:  === (1 of 2) Compiling/Merging (dev-libs/libxslt-1.1.26::/usr/portage/dev-libs/libxslt/libxslt-1.1.26.ebuild)

1263275226:  === (1 of 2) Merging (dev-libs/libxslt-1.1.26::/usr/portage/dev-libs/libxslt/libxslt-1.1.26.ebuild)

1263275229:  >>> AUTOCLEAN: dev-libs/libxslt:0

1263275229:  === Unmerging... (dev-libs/libxslt-1.1.24-r1)

1263275231:  >>> unmerge success: dev-libs/libxslt-1.1.24-r1

1263275232:  === (1 of 2) Post-Build Cleaning (dev-libs/libxslt-1.1.26::/usr/portage/dev-libs/libxslt/libxslt-1.1.26.ebuild)

1263275232:  ::: completed emerge (1 of 2) dev-libs/libxslt-1.1.26 to /

1263275232:  >>> emerge (2 of 2) sys-libs/glibc-2.10.1-r1 to /

1263275233:  === (2 of 2) Cleaning (sys-libs/glibc-2.10.1-r1::/usr/portage/sys-libs/glibc/glibc-2.10.1-r1.ebuild)

1263275233:  === (2 of 2) Compiling/Merging (sys-libs/glibc-2.10.1-r1::/usr/portage/sys-libs/glibc/glibc-2.10.1-r1.ebuild)

1263276710:  === (2 of 2) Merging (sys-libs/glibc-2.10.1-r1::/usr/portage/sys-libs/glibc/glibc-2.10.1-r1.ebuild)

1263276726:  >>> AUTOCLEAN: sys-libs/glibc:2.2

1263276726:  === Unmerging... (sys-libs/glibc-2.9_p20081201-r2)

1263276728:  >>> unmerge success: sys-libs/glibc-2.9_p20081201-r2

1263276735:  === (2 of 2) Post-Build Cleaning (sys-libs/glibc-2.10.1-r1::/usr/portage/sys-libs/glibc/glibc-2.10.1-r1.ebuild)

1263276735:  ::: completed emerge (2 of 2) sys-libs/glibc-2.10.1-r1 to /

1263276735:  *** Finished. Cleaning up...

1263276735:  *** exiting successfully.

1263276740:  *** terminating.

```

after the update its not possible to log into HIDDEN.dyndns.org via the name, only ip works.

http://HIDDEN.dyndns.org:port/ gives "SSH-2.0-OpenSSH_5.2" so name res in general works.

```
brett ~ # ssh -p HIDDEN HIDDEN.dyndns.org 

ssh: Could not resolve hostname HIDDEN.dyndns.org: Name or service not known

brett ~ # ping HIDDEN.dyndns.org

PING HIDDEN.dyndns.org (HIDDEN) 56(84) bytes of data.

64 bytes from HIDDEN.dip.t-dialin.net (HIDDEN): icmp_seq=1 ttl=59 time=27.6 ms

--- HIDDEN.dyndns.org ping statistics ---

1 packets transmitted, 1 received, 0% packet loss, time 0ms

rtt min/avg/max/mdev = 27.685/27.685/27.685/0.000 ms

brett ~ # ssh -p HIDDEN HIDDEN(ip)

The authenticity of host '[HIDDEN]:HIDDEN ([HIDDEN]:HIDDEN)' can't be established.

RSA key fingerprint is HIDDEN.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '[HIDDEN]:HIDDEN' (RSA) to the list of known hosts.

Password: 

brett ~ # tracepath HIDDEN.dyndns.org

 1:  brett (192.168.2.202)                                  0.125ms pmtu 1500

 1:  speedport.ip (192.168.2.1)                             4.456ms 

 1:  speedport.ip (192.168.2.1)                             3.665ms 

 2:  HIDDEN.dip.t-dialin.net (HIDDEN)             4.251ms pmtu 1492

 2:  217.0.116.39 (217.0.116.39)                           21.367ms asymm  3 

 3:  217.0.66.198 (217.0.66.198)                           21.774ms 

 4:  217.5.68.78 (217.5.68.78)                             21.989ms asymm  5 

 5:  87.186.236.109 (87.186.236.109)                       20.807ms 

 6:  HIDDEN.dip.t-dialin.net (HIDDEN)           40.631ms !H

     Resume: pmtu 1492 

```

in addition glibc-2.10.1-r1 seems to install nscd, tried ssh with and without running nscd (no'ed passwd and group caching in /etc/nscd.conf, left hosts to yes).

anyone with similar probs?

edit -----------------------

works too, but before the updates i didnt need "-o AddressFamily=inet"

```
ssh -p HIDDEN -o AddressFamily=inet HIDDEN.dyndns.org
```

Last edited by user124 on Wed Jan 13, 2010 7:06 am; edited 2 times in total

----------

## EzInKy

Dyndns's very survival is dependent on allowing freedom's denied by their competitors. Give them a couple of days to update their software before giving their service so harsh a review.

----------

## user124

man 5 ssh_config:

```
     AddressFamily

             Specifies which address family to use when connecting.  Valid arguments are “any”, “inet” (use IPv4 only), or “inet6”

             (use IPv6 only).

```

funny thing is i disabled ipv6 in both use-flags and kernel.

 *Quote:*   

> Dyndns's very survival is dependent on allowing freedom's denied by their competitors. Give them a couple of days to update their software before giving their service so harsh a review.

 

sry but

```
brett linux # ssh gulli.com

ssh: Could not resolve hostname gulli.com: Name or service not known

brett linux # ping gulli.com

PING gulli.com (83.137.113.76) 56(84) bytes of data.

^C

--- gulli.com ping statistics ---

2 packets transmitted, 0 received, 100% packet loss, time 1008ms

brett linux # ssh 83.137.113.76

ssh: connect to host 83.137.113.76 port 22: Connection refused

```

so harsh a review i dont.

----------

## snIP3r

hi!

i also recently updated to glibc-2.10.1-r1 on my gentoo home server. but my installation of nscd is stopped - it was not started so far. i also encountered no such behavior like you described. i could connect via ssh do my gentoo server.

HTH

snIP3r

----------

## user124

got it

today i ran a strace on ssh

```

cam@brett ~ $ strace -fFv -o strace.out ssh -p HIDDEN HIDDEN.dyndns.org

..

2822  recvfrom(3, "\252\324\201\2\0\1\0\0\0\0\0\0\7HIDDEN\6dyndns\3org\0"..., 2047, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("192.168.2.1")}, [16]) = 36

2822  close(3)                          = 0

2822  write(2, "ssh: Could not resolve hostname "..., 79) = 79

2822  exit_group(255)                   = ?
```

the line "recvfrom" repeats a few times allways with "192.168.2.1", thats the ip of our router which i get my ip from. so this thing also sends its ip as nameserver to the clients.

i also straced ping which contrary to ssh works

```

strace -fFv -o ping.out ping -c 1 HIDDEN.dyndns.org

..

2978  recvfrom(3, "\2321\201\2\0\1\0\0\0\0\0\0\7HIDDEN\6dyndns\3org\0"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("192.168.2.1")}, [16]) = 36

2978  close(3)                          = 0

2978  socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 3

2978  connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("145.253.2.11")}, 28) = 0

2978  poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])

2978  sendto(3, "\2321\1\0\0\1\0\0\0\0\0\0\7HIDDEN\6dyndns\3org\0"..., 36, MSG_NOSIGNAL, NULL, 0) = 36

2978  poll([{fd=3, events=POLLIN}], 1, 3000) = 1 ([{fd=3, revents=POLLIN}])

2978  ioctl(3, FIONREAD, [52])          = 0

2978  recvfrom(3, "\2321\201\200\0\1\0\1\0\0\0\0\7HIDDEN\6dyndns\3org\0"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("145.253.2.11")}, [16]) = 52

2978  close(3)                          = 0

```

ping also tries to use the router address "192.168.2.1" as nameserver but falls back to "145.253.2.11"

now i took a look at /etc/resolv.conf

```
# Generated by dhcpcd from wlan0

nameserver 192.168.2.1

nameserver 145.253.2.11

nameserver 145.253.2.75

```

deteted the first line "nameserver 192.168.2.1" (second and third are from /etc/resolv.conf.tail) and tried ssh again ... no problems  :Smile: 

conclusion: 

- the router we got from our isp (speedport, telekom) is shitty. it announces its ip as nameserver to the dhcp-clients without beeing able to do the job.

- ssh only ties to resolve names with the first "nameserver" line from /etc/resolv.conf. with the parameter "-o AddressFamily=inet" i mentioned above

  it also tries other lines if the first failes (straced this too). 

  afaik since name resolution isnt natively ssh's job (libnss... should do this) the glibc update *might* have something to do

  with the odd behaviour - but thats purely speculative, i'm no system programmer so my knowledge in this area is limited... but then again the error

  first occured after the glibc-update. well.

- to avoid this error in the future i commented "domain_name_servers" from /etc/dhcpcd.conf out and will use my static servers.

----------

## bruno.b

Thanks, I had the same problem with ssh after upgrade of glibc; in my resolv.conf the first nameserver was unreachable, but I never realized it before because of the fall-back ti following valid namervers. The problem also affected wget, so that emerge failed when trying to download packages.

 *user124 wrote:*   

> got it
> 
> today i ran a strace on ssh
> 
> ```
> ...

 

----------

