Re: SRV lookup support (Bugzilla 2217)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 

Hi,

On Feb 18, 2021, at 11:28 AM, Thorsten Glaser <t.glaser@xxxxxxxxx>
wrote:

On Thu, 18 Feb 2021, James Bottomley wrote: I can’t see where this
will end up in anything other than sysadmin tears.


Though the same argument applies to A vs AAAA records and any new
technology, having this as an option that defaults to off seems like a
good idea anyway and would help against this.

On Thu, Feb 18, 2021 at 11:56:48AM -0800, Ron Frederick wrote:

Keep in mind that SRV records typically point at hostnames, not
directly at IP addresses. In fact, I’m not even sure they are allowed
to point at IPs. So, there will still be a hostname lookup which occurs
after the SRV record lookup, and that could potentially be resolved via
/etc/hosts depending on the local system’s resolver configuration.

It’s also worth pointing out that one benefit of SRV records is that
you can specify port information in them, if you want client to use a
port other than the default one of 22, without the need to configure
that on every client.

In my experience, SRV records are not set at the “host” level. They’re
typically set at the domain level (e.g. example.com
<http://example.com/>, not foo.example.com <http://foo.example.com/>),
and they tell you which host(s) under that domain provide the service
you are looking up, along with the port number to connect to on that
host. You can also set a series of possible hosts, with weights for
which ones to prefer.


Being able to specify custom ports (and not having users configure it)
is the reason I'm working on it, also the primary reason for the initial
feature request. I'm thinking of running Git+SSH without having to
dedicate an IP or have it fiddle with my systems configuration.

Also fits something like Github (or any large Git+SSH deployment) more
closely: SSH is a service provided by lots of hosts which may have
different priorities (the current patch only uses the highest-prio host
though).

I hope to get some more comments about SRV records with SSH and not
about if SRV records in general are useful?

-- Mara
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux