Date: Sun, 7 Sep 2003 02:55:10 +0100 From: Bruce M Simpson <bms@spc.org> To: "Daniel C. Sobral" <dcs@newsguy.com> Cc: Kris Kennaway <kris@obsecurity.org> Subject: Re: PUzzling sshd behaviour Message-ID: <20030907015510.GG29217@spc.org> In-Reply-To: <3F5A8FDB.3050507@newsguy.com> References: <3F589E94.1080508@xwave.com> <20030905154646.GA59881@rot13.obsecurity.org> <20030906213428.GF29217@spc.org> <3F5A8FDB.3050507@newsguy.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Sep 06, 2003 at 10:54:35PM -0300, Daniel C. Sobral wrote:
> Bruce M Simpson wrote:
> >On Fri, Sep 05, 2003 at 08:46:46AM -0700, Kris Kennaway wrote:
> >>The fact that sshd requires reverse IP resolution is well-known
> >>behaviour. It's probably the most common FAQ about sshd ("Why is my
> >>login taking 60 seconds to present the password prompt?").
> >
> >But what about:
> > VerifyReverseMapping
> > Specifies whether sshd should try to verify the remote host
> > name
> > and check that the resolved host name for the remote IP
> > address
> > maps back to the very same IP address. The default is ``no''.
>
> AFAIK, that means the reverse mapping result will not be held against
> you. :-)
This sounds like a bug. Does anyone else agree?
BMS
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030907015510.GG29217>