SSH login takes very long time...sometimes

JoaoBR joao at matik.com.br
Fri Dec 23 15:20:07 PST 2005


On Friday 23 December 2005 20:26, James Tanis wrote:
> What reason is that? A reverse-lookup is no longer really a valid way
> of filtering out the undesirable unless you're lucky enough to be
> dealing only with those who have the knowledge and ability to control
> those entries. Most residential IPs either have no reverse-lookup or

I guess you are wrong

you can fake your IP and you can fake your hostname, but exactly for security 
reasons, since we believe that being a network admin is not because of 
luck but knowledge, and we also believe that this person has a certain 
responsibility and so he will probably not set up false dns reverse data.

so when I check your IP and hostname you send me and when this does not match 
the reverse info I get I can suppose you do not have good intentions or you 
do not have the knowledge to set your network up. Both cases may not be 
welcome on my network and you get kicked out. Like you see here the decision 
is the owner's one who can or not enter his home.

so reverse dns is an absolutely valid check - what never was so important as 
today since each newborn already knows how to fake IPs

and when your residential IP provider does not have a correct reverse DNS get 
yourself a more serious one

anyway, you are mixing things up since you do not need a valid reverse dns to 
configure your sshd, the server admin can disable this lookup or use the 
local host file - or you may like the "clever way" and forget to set or 
delete your resolv.conf 

João
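
The check discussed in the message above (compare a connecting IP and the hostname it presents against reverse DNS), written out as an added example that is not part of the original post. It goes one step further than the message by also confirming that the PTR name resolves back to the same address; the function names and the sample records are constructed for illustration.

```python
import ipaddress
import socket

# Constructed sample records standing in for DNS (RFC 5737 documentation ranges).
SAMPLE_PTR = {"192.0.2.10": "gw.example.net",     # PTR and A record agree
              "192.0.2.66": "mail.example.net"}   # PTR names a host whose A record differs
SAMPLE_A = {"gw.example.net": ["192.0.2.10"],
            "mail.example.net": ["198.51.100.25"]}

def sample_reverse(ip):
    return SAMPLE_PTR.get(ip)

def sample_forward(name):
    return SAMPLE_A.get(name, [])

def system_reverse(ip):
    """PTR lookup through the system resolver; None when no record exists."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None

def system_forward(name):
    """A/AAAA lookup through the system resolver; empty list on failure."""
    try:
        return sorted({ai[4][0].split("%")[0] for ai in socket.getaddrinfo(name, None)})
    except socket.gaierror:
        return []

def check_peer(ip, claimed_name=None, reverse=system_reverse, forward=system_forward):
    """Classify a peer as 'no-ptr', 'unconfirmed', 'name-mismatch' or 'ok'.

    Returns (verdict, ptr_name). The resolvers are injectable so the logic
    can be exercised offline against the sample records above.
    """
    addr = ipaddress.ip_address(ip)
    ptr = reverse(str(addr))
    if not ptr:
        return ("no-ptr", None)
    ptr = ptr.rstrip(".").lower()
    # The PTR record is set by whoever runs the reverse zone, so it only
    # counts once the name it gives resolves back to the same address.
    if not any(ipaddress.ip_address(a) == addr for a in forward(ptr)):
        return ("unconfirmed", ptr)
    if claimed_name and claimed_name.rstrip(".").lower() != ptr:
        return ("name-mismatch", ptr)
    return ("ok", ptr)
```

Called with only an IP, `check_peer` uses the system resolver, so each lookup blocks until the resolver answers or times out.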









More information about the freebsd-stable mailing list