Re: HEADS UP: OpenSSH with DNSSEC support in 10

From: Mark Felder <feld_at_FreeBSD.org>
Date: Wed, 11 Sep 2013 12:00:59 -0500
On Wed, Sep 11, 2013, at 11:16, Ian Lepore wrote:
> 
> Thanks.  If this is client-side I'm much less scared by it.  At $work we
> have embedded systems with less than full network functionality, often
> including either /etc/hosts usage or worse, sometimes a dns is
> configured but unreachable, and we ssh into them a lot for development.
> 

Do you work around that problem by setting UseDNS no? We have that
pretty much standard on all our servers at work because if you ssh and
both client and server have ipv6 the connection takes forever for it to
give up trying to find a PTR for your client's ipv6 address. And don't
try to use GENERATE in BIND to make PTRs for all your ipv6 addresses...
you'll run out of memory trying to start the daemon :-)
Received on Wed Sep 11 2013 - 15:01:01 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:41 UTC