sshd. "UseDNS no" ignored?

Dmitry Pryanishnikov dmitry at
Wed Nov 29 04:44:50 PST 2006


On Tue, 21 Nov 2006, Stephen Montgomery-Smith wrote:
> I remember a discussion about this maybe a few years ago.  I recall that it 
> is basically impossible to stop ssh from looking up DNS addresses. The

   I'm still wondering why OpenSSH is _so_ inferior to SSH.COM's ssh2
(which is also open-source)? In the later product the following line in 

 	ResolveClientHostName no

_actually_ prevents DNS reverse lookups by the sshd2 (just checked it,
my test machine has ssh2-nox11- installed from ports). It's not
the only option which present in ssh2 while absent in OpenSSH, second
very useful one is:

 	AuthInteractiveFailureTimeout   10

which make SSH-password-guessing robots to give up after the first attempt ;)

Sincerely, Dmitry
Atlantis ISP, System Administrator
e-mail:  dmitry at
nic-hdl: LYNX-RIPE

More information about the freebsd-stable mailing list