On Sun, Sep 07, 2003 at 02:55:10AM +0100, Bruce M Simpson wrote:On Sat, Sep 06, 2003 at 10:54:35PM -0300, Daniel C. Sobral wrote:
> Bruce M Simpson wrote:
> >On Fri, Sep 05, 2003 at 08:46:46AM -0700, Kris Kennaway wrote:
> >>The fact that sshd requires reverse IP resolution is well-known
> >>behaviour. It's probably the most common FAQ about sshd ("Why is my
> >>login taking 60 seconds to present the password prompt?").
> >
> >But what about:
> > VerifyReverseMapping
> > Specifies whether sshd should try to verify the remote host
> > name
> > and check that the resolved host name for the remote IP
> > address
> > maps back to the very same IP address. The default is ``no''.
>
> AFAIK, that means the reverse mapping result will not be held against
> you. :-)
This sounds like a bug. Does anyone else agree?
Yes and I really needed this functionality in a project for 12 Suns...
But it didn't work as expected from the description.
And for me a functionality like being able to prevent reverse lookup would be completely logical ...
Result was to create about 20 /etc/hosts entries on every sun, to prevent this 60 seconds timeout for our Out Of Band login via VPN and from sun to sun etc etc
My solution is to install and setup dnscache to do the local DNS cache.
Cheers, Mezz
Andreas ///
-- bsdforums.org 's moderator, mezz. _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
