I don't know if this is an ssh specific bug or not, so someone re-assign it
if you know where the bug actually is.
When I ssh into a machine by hostname, it first resolves the name to IP
address and then connects. Normally the /etc/host.conf file determines
whether to check the local hosts file, or the name server. I have my
system set up to check hosts then dns, however when I run ssh through
strace, I find that it reads the host.conf file then proceeds straight
into doing a DNS request.
This DNS request will fail due to a current problem with the host's DNS
server. After this fails, it then reads the hosts file, finds the correct
address and continues normally.
Why is DNS used in preference to hosts file, even when the config file
says otherwise? I grabbed the source and compiled it to run through with
gdb, and my compiled version reads the hosts file first, and works
properly. Is there a known bug in the resolver, or is it a specific bug
in the Debian precompiled version of ssh?
To explain what I mean, a little snippet of the strace is included below
(with some lines removed to make it tidy).
open("/etc/resolv.conf", O_RDONLY) = 3
read(3, "nameserver 192.168.15.129\n", 4096) = 26
read(3, "", 4096) = 0
close(3) = 0
open("/etc/host.conf", O_RDONLY) = 3
read(3, "order hosts,bind\nmulti on\n", 4096) = 26
read(3, "", 4096) = 0
close(3) = 0
open("/etc/hosts", O_RDONLY) = 3
[large hosts file edited down]
read(3,"127.0.0.1\tlocalhost\n192.168.15.129\tgrunge.hpy.hell\n
24.42.154.115 lo.doa.org\n\n", 4096) = 898
read(3, "", 4096) = 0
close(3) = 0
open("/etc/ld.so.cache", O_RDONLY) = 3
[mmap performed]
close(3) = 0
open("/lib/libnss_dns.so.2", O_RDONLY) = 3
[mmap performed]
close(3) = 0
open("/lib/libresolv.so.2", O_RDONLY) = 3
[mmap performed]
close(3) = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
connect(3, {sin_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("192.168.15.129")}}, 28) = 0
send(3, "\245V\1\0\0\1\0\0\0\0\0\0\2lo\3doa\3org\0\0\1\0\1", 28, 0) = 28
So you can see the flow of the program, it does indeed read the config
files and hosts file properly, but still tries to do DNS. Once the DNS
fails, it continues normally with the address in /etc/hosts.
ii ssh 2.9p2-6 Secure rlogin/rsh/rcp replacement (OpenSSH)
ii libc6 2.2.4-5 GNU C Library: Shared libraries and Timezone
ii libpam0g 0.72-31 Pluggable Authentication Modules library
ii libssl0.9.6 0.9.6b-1 SSL shared libraries
ii libwrap0 7.6-8.2 Wietse Venema's TCP wrappers library
ii zlib1g 1.1.3-15 compression library - runtime
ii libpam-modules 0.72-31 Pluggable Authentication Modules for PAM
ii libwrap0 7.6-8.2 Wietse Venema's TCP wrappers library
ii debconf 1.0.17 Debian configuration management system
ii dnsutils 9.1.3-1 Clients provided with BIND
Davey
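
The send() buffer in the strace excerpt can be decoded to confirm which name the resolver actually asked the name server for. This is an added example, not part of the original report; the function names are hypothetical and the input line is copied from the excerpt above.

```python
import re
import struct

# Copied from the send() line of the strace excerpt in the report.
STRACE_SEND = r'send(3, "\245V\1\0\0\1\0\0\0\0\0\0\2lo\3doa\3org\0\0\1\0\1", 28, 0) = 28'

_ESC = re.compile(r'\\([0-7]{1,3}|x[0-9a-fA-F]{2}|.)')
_NAMED = {'n': 10, 't': 9, 'r': 13, 'v': 11, 'f': 12}

def unescape_strace(s):
    """Turn strace's C-style escapes (octal, hex, named) back into bytes."""
    def repl(m):
        tok = m.group(1)
        if tok[0] in '01234567':               # octal, 1 to 3 digits
            return chr(int(tok, 8) & 0xFF)
        if len(tok) == 3:                      # \xNN
            return chr(int(tok[1:], 16))
        return chr(_NAMED.get(tok, ord(tok)))  # named escape or escaped literal
    return _ESC.sub(repl, s).encode('latin-1')

def parse_query(pkt):
    """Decode the header and first question of a DNS query (RFC 1035)."""
    if len(pkt) < 12:
        raise ValueError("shorter than a DNS header")
    ident, flags, qdcount = struct.unpack('!HHH', pkt[:6])
    labels, off = [], 12
    while True:
        if off >= len(pkt):
            raise ValueError("question name runs past end of packet")
        n = pkt[off]
        off += 1
        if n == 0:                             # root label ends the name
            break
        if n > 63 or off + n > len(pkt):
            raise ValueError("bad label length")
        labels.append(pkt[off:off + n].decode('ascii', 'replace'))
        off += n
    if off + 4 > len(pkt):
        raise ValueError("missing QTYPE/QCLASS")
    qtype, qclass = struct.unpack('!HH', pkt[off:off + 4])
    return {'id': ident, 'is_query': not flags & 0x8000, 'rd': bool(flags & 0x0100),
            'qdcount': qdcount, 'name': '.'.join(labels), 'qtype': qtype, 'qclass': qclass}

def decode_send_line(line):
    """Pull the quoted buffer out of a strace send()/sendto() line and decode it."""
    m = re.search(r'send(?:to)?\(\d+, "((?:[^"\\]|\\.)*)"', line)
    if not m:
        raise ValueError("no quoted send() buffer found")
    return parse_query(unescape_strace(m.group(1)))

if __name__ == '__main__':
    print(decode_send_line(STRACE_SEND))
```

QTYPE 1 with QCLASS 1 is an A record in class IN, so the query on the wire is for the same name that already appears in the quoted /etc/hosts contents.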