Re: [PATCH] UseDNS should default to "no"

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 12 Nov 2014, at 11:43, Daniel Kahn Gillmor <dkg@xxxxxxxxxxxxxxxxx> wrote:

> Perhaps a better approach here is to leave UseDNS=yes as the default,
> but also default to -u0, and generate a deprecation warning when
> encountering any need for DNS while -u0 is set, so that future versions
> of openssh can get away with disabling those lookups entirely.
> 
> What do other folks think is the right way to improve the default
> behavior here?

The first thing I do to a host on install is disable every bit of
ssh/DNS interaction I can, plus GSSAPI (I know that's not upstream)
as both significantly slow connection times.

If you're happy disabling tcpwrappers and ripping it out the source
code, this is a rather more minor change, I'd suggest.

-- 
Alex Bligh




Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux