[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Delay when logginng in to FC5 via ssh



Todd Zullinger wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Don Russell wrote:
What is doing the "reverse lookup"? And can I just turn that off? It
doesn't seem to make much sense to me that I add complexity in the
form of a dns server that does little more than convert the ip
address brom binary form to printable characters. I'd rather just
skip the reverse lookup altogether.

Am I missing some fundamental philosophy here? What's the point of
reverse look ups in such cases?

Sshd does this so it can apply the tcp-wrappers rules from
/etc/hosts.allow and /etc/hosts.deny.

Set "UseDNS no" option in /etc/ssh/sshd_config to disable this.

Since /etc/hosts.allow and /etc/hosts.deny contain only comments, this seems like a good idea. I now have "UseDNS no".... working great. :-) That solved 50% of my current problem set.... sounds like there is a similar solution for my smtp server...

Thanks...


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]