SSH to a server with multiple reverse DNS entries

Question

While SSHing into my server with an RSA key, I get this message:

Address 255.100.236.105 ¹ maps to a1.example.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!

Even though I get this error, I am still able to SSH into the machine.

I examined the DNS and figured out the issue. This server has lots of vhosts, so we have multiple A records for the same IP address.

For example:

A a1.example.com 255.100.236.105
A ssh.example.com 255.100.236.105

(there are a few more that point to the same IP)

I am trying to SSH to ssh.example.com, and I am getting the above error. How do I get SSH to realize that the IP has multiple domain names that point to it?

NOTE: I can't ssh to a1.example.com because that subdomain is going through CloudFlare's proxy.

UPDATE: I tested this on two computers. One gave me that error, one did not. Why would that be?

_{¹ This is a fake IP, I made up. I'm not sure if it really points anywhere.}

NickW · Accepted Answer · 2013-05-02T16:58:43.263

1

If you put the reverse DNS name for ssh.example.com in your hosts file, that will usually be the first response returned by DNS.

edited May 02 '13 at 16:58

answered May 02 '13 at 16:04

NickW

10,289

SSH to a server with multiple reverse DNS entries

1 Answers1