Extra output from host command causes issue with ssh
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
bind9 (Ubuntu) |
Incomplete
|
Undecided
|
Unassigned |
Bug Description
Coincident with the host command now outputing the names and IP addresses of the DNS servers, as well
as the host information requested, ssh seems to be getting the same (multi-line) response which it then
treats as a round-robin response. As a result, if the host is down, the ssh connection is redirected
to the first DNS server in the list, resulting in a "possible DNS spoofing" error.
This is with the packages:
bind9-dnsutils 1:9.16.1-0ubuntu2.9 amd64 Clients provided with BIND 9
bind9-host 1:9.16.1-0ubuntu2.9 amd64 DNS Lookup Utility
bind9-libs:amd64 1:9.16.1-0ubuntu2.9 amd64 Shared Libraries used by BIND 9
openssh-client 1:8.2p1-4ubuntu0.3 amd64 secure shell (SSH) client, for secure access to remote machines
On:
Description: Ubuntu 20.04.3 LTS
Release: 20.04
Expected result:
"connection timed out" error.
Actual result:
"possible DNS spoofing" error.
ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: bind9-host 1:9.16.1-0ubuntu2.9
Uname: Linux 5.10.60.
ApportVersion: 2.20.11-
Architecture: amd64
CasperMD5CheckR
Date: Wed Nov 24 15:48:40 2021
ProcEnviron:
TERM=xterm-
PATH=(custom, no user)
LANG=C.UTF-8
SHELL=/bin/bash
SourcePackage: bind9
UpgradeStatus: No upgrade log present (probably fresh install)
Hello and thanks for this bug report. I'm not aware of any change in the the 'host' command output, and indeed it seems to be the usual one to me:
root@paride-f:~# host ubuntu.com 1360:8001: :2c 1360:8001: :2b
ubuntu.com has address 91.189.88.181
ubuntu.com has address 185.125.190.29
ubuntu.com has address 185.125.190.21
ubuntu.com has address 185.125.190.20
ubuntu.com has address 91.189.88.180
ubuntu.com has IPv6 address 2001:67c:
ubuntu.com has IPv6 address 2001:67c:
ubuntu.com mail is handled by 10 mx.canonical.com.
This on a Focal system with bind9-dnsutils 1:9.16. 1-0ubuntu2. 9. Could you please copy/paste what's the output of the same command for you? I see you're using WSL, maybe the resolver is behaving oddly there? Thanks!