name resolution questions - bad queries
Simon Waters
Simon at wretched.demon.co.uk
Sun Feb 24 22:34:56 UTC 2002
joe user wrote:
>
> The problems seem to start in ssh,
>
> [jimc at groucho jimc]$ ssh -v
> OpenSSH_3.0.2p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
>
> have I missed or misinterpreted something ?
> any free advice ?
I saw something like this with Open SSH on Suse 7.2 (I think, I
keep using different Linux distro's sometimes the greymatter
doesn't keep up), so I think your understanding is fine.
Open SSH was using IPv6 by default, I spotted it coz the machine
it was on didn't have DNS set up and was taking an age to login
to a machine on the same network - doh.
"ssh -4" is the quick "fix", I guess you'd have to look at
rebuilding SSH with the right options.
It was documented nicely, either the SuSe web site, or the
OpenSSH site.
If the information leakage is a major issue perhaps you need to
set up your own servers for the local DNS domains so answers are
always returned locally for those domains. Although if security
is that important perhaps allowing machines to query the
Internet DNS is the wrong approach for you ;)
More information about the bind-users
mailing list