The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Setting UseDNS in sshd_conf

Discussion in 'Security' started by JustSomeGuy, May 30, 2013.

  1. JustSomeGuy

    JustSomeGuy Active Member

    Joined:
    Oct 13, 2007
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    I was wondering if anyone could shed some light on this issue.
    In cPHulk, it says "UseDNS was detected as being enabled for SSHD which causes problems with whitelisting IPs for cPHulkd. UseDNS has been set to "no" to prevent issues."
    My problem is that inside sshd_conf, it sets it to: UseDNS no
    When I try to restart sshd, I get the following:
    /etc/ssh/sshd_config: line 99: Bad configuration option: UseDNS
    /etc/ssh/sshd_config: terminating, 1 bad configuration options

    At that time, sshd will not restart.
    Any ideas???
    Thanks in advance
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    653
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    I have seen some cases where custom entries to the /etc/ssh/sshd_config file have resulted in the error message that you reported. Could you let us know what Operating System you are using? You can check this with a command such as:

    Code:
    # cat /etc/redhat-release
    Also, you may want to try using a known default /etc/ssh/sshd_config file and then making the change again to see if it allows SSH to restart normally.

    Thank you.
     
  3. JustSomeGuy

    JustSomeGuy Active Member

    Joined:
    Oct 13, 2007
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    CentOS release 5.9 (Final)
    The only change that I have done is:
    Port ??? I've set the port to a different one to hide
    Protocol 2

    As for the default file, do you know where I could fine one?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    653
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  5. JustSomeGuy

    JustSomeGuy Active Member

    Joined:
    Oct 13, 2007
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    Yes I do remove it but at times, when updates are done, it will add that line to the config file and I can not login. Just frustrating
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    653
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Could you open a support ticket so we can address this issue and open an internal case if necessary?

    Submit A Ticket

    Please post the ticket number here so we can track the issue.

    Thank you.
     
  7. JustSomeGuy

    JustSomeGuy Active Member

    Joined:
    Oct 13, 2007
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    Thank you.
    Ticket #4171527
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    653
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    To update, it was determined in the ticket that the OpenSSH RPMs installed on this server were not the standard ones provided on CentOS machines. The error message reported appears to have been related to that, as it was not reproducible in a similar test environment.

    Thank you.
     
  9. Data 1

    Data 1 Well-Known Member

    Joined:
    May 25, 2008
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Columbus Ohio
    cPanel Access Level:
    DataCenter Provider
    OK I have the same issue on one server. Ticket or can you post the fix?
     
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    653
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Which OS is installed on this system? Are you using the standard OpenSSH RPM provided by your OS?

    Thank you.
     
  11. georgeb

    georgeb Well-Known Member

    Joined:
    May 23, 2010
    Messages:
    48
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    Montreal, QC, Canada
    cPanel Access Level:
    Root Administrator
    You can simply do: (until you have a solution from cPanel):

    chattr +i /etc/ssh/sshd_config

    and updates can't change anymore this

    or add a line to /scripts/postupcp and remove the line containing UseDNS (using sed command, and restart sshd service)

    Regards
     
  12. cPanelPeter

    cPanelPeter Technical Analyst III
    Staff Member

    Joined:
    Sep 23, 2013
    Messages:
    569
    Likes Received:
    15
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    I do not recommend setting the immutable bit on any files. This can cause all kinds of problems within cPanel/WHM.
    As cPanelMichael already stated, this usually means your OS is running a version of OpenSSH that does not understand the UseDNS option.

    We know CentOS uses RPM's for OpenSSH that will accept UseDNS configuration options, so if you're running another OS, you need to make sure that the UseDNS option is available. (it is in most modern operating systems).
     
Loading...

Share This Page