RE: why does sshd use name service?

From: Steffen Heil <lists_at_**********.***>
Date: Fri Jun 08 2007 - 16:36:59 EDT

Hi

> My question is: Why does sshd need to resolve domain names,
> if indeed this is what is happening? I am using the default
> SSH config and logging in via public key authentication
> (plaintext private key).

Because it is logging WHO tries to log in, hence it needs the reverse lookup
of your IP.
It might also do some forward lookups for these reverse records and might
also check against "allowed" domains...

> I am using an IP address for the
> log-in, rather than a hostname.

This does not matter, the server doesn't see this. If you use a hostname at
your client, your CLIENT resolves the name and uses the gotten IP as if you
used that directly.

> The reason I would like to know about this is because I am
> setting up my firewall, so I would like to know about whether
> outbound traffic to port 53 is really necessary for SSH to function.

No, it is not. Just search the options and change them.
However, it doesn't hurt either.

Regards,
  Steffen

Received on Fri, 8 Jun 2007 22:36:59 +0200
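
Added example (not part of the original message, and not OpenSSH's own code): a Python sketch of the reverse lookup followed by forward confirmation that the reply describes, showing which name ends up in the log. The function names and the PTR/A tables are constructed for illustration, using documentation address ranges so it runs without a network.

```python
import ipaddress
import socket


def system_reverse(ip):
    """PTR lookup via the system resolver; hostname or None."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None


def system_forward(name):
    """A/AAAA lookup via the system resolver; set of address strings."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except OSError:
        return set()


def log_name_for_peer(ip, reverse=system_reverse, forward=system_forward):
    """Return (name_to_log, reason) for a connecting peer address.

    The PTR name is used only if it resolves back to the same address,
    because the PTR zone is controlled by whoever owns the address block.
    """
    peer = ipaddress.ip_address(ip)
    name = reverse(ip)
    if not name:
        return ip, "no PTR record"
    name = name.rstrip(".").lower()
    try:
        ipaddress.ip_address(name)      # a PTR that is itself an address
        return ip, "PTR returned a numeric address"
    except ValueError:
        pass
    confirmed = {ipaddress.ip_address(a.split("%")[0]) for a in forward(name)}
    if peer not in confirmed:
        return ip, "forward lookup of %s does not include %s" % (name, ip)
    return name, "forward-confirmed"


# Constructed sample records (no real hosts).
PTR = {"192.0.2.10": "Host.Example.org.", "198.51.100.7": "trusted.example.org",
       "192.0.2.44": "203.0.113.5"}
A = {"host.example.org": ["192.0.2.10"], "trusted.example.org": ["203.0.113.9"]}


def demo(ip):
    return log_name_for_peer(ip, reverse=PTR.get, forward=lambda n: A.get(n, []))
```

In OpenSSH the sshd_config option that governs this lookup is UseDNS.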
