sshd. "UseDNS no" ignored?
David Adam
zanchey at ucc.gu.uwa.edu.au
Thu Nov 30 07:34:01 PST 2006
On Wed, 29 Nov 2006, Dmitry Pryanishnikov wrote:
> I'm still wondering why OpenSSH is _so_ inferior to SSH.COM's ssh2
> (which is also open-source)?
Is it really open-source? I couldn't find any reference to source
downloads or licensing terms on http://www.ssh.com/. It mentions OpenSSH
as an open-source alternative.
> In the later product the following line in
> /usr/local/etc/ssh2/sshd2_config:
>
> ResolveClientHostName no
>
> _actually_ prevents DNS reverse lookups by the sshd2 (just checked it,
> my test machine has ssh2-nox11-3.2.9.1_5 installed from ports). It's not
> the only option which present in ssh2 while absent in OpenSSH, second
> very useful one is:
>
> AuthInteractiveFailureTimeout 10
>
> which make SSH-password-guessing robots to give up after the first attempt ;)
You might like to suggest these features to the OpenSSH developers!
http://www.openssh.com/report.html
Of course, when space is at a premium, Dropbear is the answer to your SSH
questions.
David Adam
zanchey at ucc.gu.uwa.edu.au
More information about the freebsd-stable
mailing list