PUzzling sshd behaviour
Bruce M Simpson
bms at spc.org
Sat Sep 6 14:37:52 PDT 2003
On Fri, Sep 05, 2003 at 08:46:46AM -0700, Kris Kennaway wrote:
> > Anyone else see this type of thing before? I did some research on the
> > lists but all I ever saw was a problem with reading resolv.conf. That's
> > not the case here, because it's definitely picking up the nameserver
> > from that file.
>
> The fact that sshd requires reverse IP resolution is well-known
> behaviour. It's probably the most common FAQ about sshd ("Why is my
> login taking 60 seconds to present the password prompt?").
But what about:
VerifyReverseMapping
Specifies whether sshd should try to verify the remote host name
and check that the resolved host name for the remote IP address
maps back to the very same IP address. The default is ``no''.
?
I usually configure my sshd with -u0 to prevent hostnames being truncated
in wtmp/lastlog, for better audit trail.
BMS
More information about the freebsd-hackers
mailing list