Re: OpenSSH and hostname resolution issues on Solaris

From: Per Hedeland (per@hedeland.org)
Date: 11/08/02


From: per@hedeland.org (Per Hedeland)
Date: Fri, 8 Nov 2002 20:20:36 +0000 (UTC)

In article <J0Gy9.49784$7W2.47287@nwrddc01.gnilink.net> "Nico
Kadel-Garcia" <nkadel@bellatlantic.net> writes:
>"Per Hedeland" <per@hedeland.org> wrote in message
>news:aqf0t0$8i7$1@hedeland.org...
>> In article <6NCy9.17349$Wf5.8203@nwrddc04.gnilink.net> "Nico
>> Kadel-Garcia" <nkadel@bellatlantic.net> writes:
>> >
>> >That was it! "-u0"! The documentation mentions nowhere that this prevents
>> >reverse DNS lookups from being done.
>>
>> Sure it does - from the 3.4p1 sshd(8) man page:
>>
>> Specifying -u0
>> indicates that only dotted decimal addresses should be put into
>> the utmp file. -u0 is also be used to prevent sshd from making
>> DNS requests unless the authentication mechanism or configuration
>> requires it.
>>
>> (It could use some proof-reading though.:-)
>
>It's the *REVERSE* hostname lookups that are the classic problem, not the
>forward name lookups.

Why would sshd do forward lookups? What names would it have to do
forward lookups on? How could anyone think that it would do forward
lookups? (All assuming that it hasn't *first* done a reverse lookup, but
since it says "prevent sshd from making DNS requests", it obviously
hasn't.) If you invest a fraction of a second of thought, it should be
obvious that the section above is talking primarily about reverse
lookups.

> It really does need proofreading, it's a huge FAQ.

I was only referring to the "is also be used" part. Yes, FAQs are often
the result of people not finding their answer in the documentation.
Claiming that it isn't there when it obviously is doesn't really help.

--Per Hedeland
per@hedeland.org