[Techtalk] Re: /etc/hosts

Thu Oct 3 10:56:15 EST 2002

On Thu, Oct 03, 2002 at 01:14:09AM -0700, Therese Gustafsson said:
> Kristina wrote:
> >Putting it in /etc/hosts I believe will enable the
> >machine to recognize
> >itself by a hostname instead of an IP. You can also
> >reset the hostname
> >using the "hostname" command. Without an argument,
> >hostname will return
> >the hostname, but given an argument (a hostname) it
> >will set the
> >hostname.
> 
> So if I don't have a hostname I don't have to put the
> ip-address in /etc/hosts at all? 

Yes, you do.

/etc/hosts contains a mapping of IP-address <-> hostname, just like DNS.
In fact, in the early era of Internet they distributed /etc/hosts
between all servers connected (getting the file from an ftp-server) -
but of course that didn't scale very well :)

/etc/nsswitch.conf contains info about in which order to look up fex
hostnames - from dns, files (/etc/hosts), nis etc. The most convenient
order _unless you know it should be different_ for the line starting
with hosts is 'files dns'. Usually there is NO need to change anything
in this file, but of course someone may have done that before :)

If your hostname isn't in /etc/hosts, it should be in DNS in stead - if
it's nowhere your computer may be a bit confused if it tries to look up
it's own name. On the other hand, you may be very confused if you put
your hostname and current IP address in /etc/hosts and then move your
computer to another location without changing /etc/hosts and changing
DNS in stead. "Hm, everybody exccept me seems to connect to my
webserver! What the h*** have I done with my firewall??" is rather
common then :)

On the other hand, /etc/hosts is pretty good for testing even if you are
in DNS too. Let's say you develop some webpages for a client, on your
own computer which is different from the current www.client.com. Then you
can add all the necessary changes to /etc/httpd/conf/httpd.conf (et
al.), including your client's real hostname (www.client.com fex), and
then add www.client.com to /etc/hosts - and at the same time leave the
excisting pages of the client on the REAL www.client.com remian
untouched. Do the testing lcoally on your box, and then upload them to
your client when you have tested. Or you can add aliases to your
computer, without adding them to DNS. Let's say you have
computer14.example.com as hostname, this is in DNS too. Then you can add
www as a CNAME to it in DNS, to have www.example.com working globally,
and you can add wwwtest in /etc/hosts to make a testserver with a name
availble only locally (this doesn't add any REAL security, so don't use
it as that if the goal is to hide information).

And, not last, if you have your hostname in /etc/hosts very much will
work even if you have no network and thus can't look it up in DNS.
If a nameserver is hard to reach and you experience trouble with that,
you can hostnames served by it to /etc/hosts to speed up - just remember
to change them if DNS for them change... (a reason to limit it since you
WILL forget to update!)

So, my conclusion is:
- you need your hostname in /etc/hosts
- you may have aliases to your hostname there
- it may stay there even if you later add it to DNS
- remember to change /etc/hosts if your IP-address, domainname etc
changes later, unless you want to confuse yourself

Usually you should have at least two lines in /etc/hosts on a networked
client:
127.0.0.1	localhost
10.2.3.4	myhostname myhostname.example.com

If you don't have an IP-address you can add your hostname to the first
line instead: 
127.0.0.1	localhost myhostname

In your case, when you have a static IP-address, you can
use the two lines with a few changes in IP-address and hostname.

(The "duplication" with  both myhostname and myhostname.example.com is
to make sure both short and fully qualified hostname works.)

> I have another problem now: I deleted the old hostname
> from /etc/hosts but Apache and sshd still think
> they're at the.old.hostname. I have restarted Apache
> but no change. Where do they get that information from
> if it's not in /etc/hosts anymore? 

Apache has it in httpd.conf, look for ServerName. Also check that the
virtualhost section (look for VirtualHost) doesn't contain the old 
IP-address.

I am not sure what you mean with "sshd still think [it is] at
the.old.hostname". Doesn't it work? Can't you log in from remote?

Have a look at /etc/ssh/sshd_config (or /etc/sshd_config) and check 
that ListenAddress doesn't contain old IP-address (default is, AFAIK, 
ListenAddress 0.0.0.0, and it's often not specified because that's 
default. So no sign of ListenAddress probably means it's 0.0.0.0). 

Also check that /etc/hosts.allow doesn't only contain the old IP-address 
as the only place where ssh is allowed from. This should, however, only
affect remote login and should have been similar even before you changed
/etc/hosts and hostname because sshd generally don't careabout
_hostname_, only IP-address.

Magni :)
-- 
sash is very good for you.