Thank you, Steffen.
On Jun 8, 2007, at 4:36 PM, Steffen Heil wrote:
> Hi
>
>> My question is: Why does sshd need to resolve domain names,
>> if indeed this is what is happening? I am using the default
>> SSH config and logging in via public key authentication
>> (plaintext private key).
>
> Because it is logging WHO tries to login, hence it needs the
> reverse lookup
> of your ip.
> It might also do some forward lookups for these reverse records and
> might
> also check against "allowed" domains...
>
>> I am using an IP address for the
>> log-in, rather than a hostname.
>
> This does not matter, the server doesn't see this. If you use a
> hostname at
> your client, your CLIENT resolves the name and uses the gotten IP
> as if you
> used that directly.
>
>> The reason I would like to know about this is because I am
>> setting up my firewall, so I would like to know about whether
>> outbound traffic to port 53 is really necessary for SSH to function.
>
> No, it is not. Just search the options and change them.
> However it doesn't hurt also..
>
> Regards,
> Steffen
-- List Info: http://erdelynet.com/ssh-l/ List Archives: http://erdelynet.com/archive/ssh-l/ To Unsubscribe: Mail mailto:ssh+unsubscribe@erdelynet.comReceived on Mon, 11 Jun 2007 10:02:30 -0400
This archive was generated by hypermail 2.1.8 : Wed Jul 04 2007 - 17:01:14 EDT