diff options
| author | deraadt@openbsd.org <deraadt@openbsd.org> | 2015-02-02 01:57:44 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2015-02-03 11:06:15 +1100 |
| commit | 3cd5103c1e1aaa59bd66f7f52f6ebbcd5deb12f9 (patch) | |
| tree | 9648b8c4622cc4531dacc6817ca1a6044a74f726 | |
| parent | 6049a548a8a68ff0bbe581ab1748ea6a59ecdc38 (diff) | |
| download | openssh-git-3cd5103c1e1aaa59bd66f7f52f6ebbcd5deb12f9.tar.gz | |
upstream commit
increasing encounters with difficult DNS setups in
darknets has convinced me UseDNS off by default is better ok djm
| -rw-r--r-- | servconf.c | 4 | ||||
| -rw-r--r-- | sshd_config | 4 | ||||
| -rw-r--r-- | sshd_config.5 | 6 |
3 files changed, 7 insertions, 7 deletions
@@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.259 2015/01/16 06:40:12 deraadt Exp $ */ +/* $OpenBSD: servconf.c,v 1.260 2015/02/02 01:57:44 deraadt Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -308,7 +308,7 @@ fill_default_server_options(ServerOptions *options) if (options->max_sessions == -1) options->max_sessions = DEFAULT_SESSIONS_MAX; if (options->use_dns == -1) - options->use_dns = 1; + options->use_dns = 0; if (options->client_alive_interval == -1) options->client_alive_interval = 0; if (options->client_alive_count_max == -1) diff --git a/sshd_config b/sshd_config index e9045bc4..c9042ac3 100644 --- a/sshd_config +++ b/sshd_config @@ -1,4 +1,4 @@ -# $OpenBSD: sshd_config,v 1.93 2014/01/10 05:59:19 djm Exp $ +# $OpenBSD: sshd_config,v 1.94 2015/02/02 01:57:44 deraadt Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. @@ -112,7 +112,7 @@ UsePrivilegeSeparation sandbox # Default for new installations. #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 -#UseDNS yes +#UseDNS no #PidFile /var/run/sshd.pid #MaxStartups 10:30:100 #PermitTunnel no diff --git a/sshd_config.5 b/sshd_config.5 index 4fd93d68..cf57c609 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.191 2015/01/22 21:00:42 jmc Exp $ -.Dd $Mdocdate: January 22 2015 $ +.\" $OpenBSD: sshd_config.5,v 1.192 2015/02/02 01:57:44 deraadt Exp $ +.Dd $Mdocdate: February 2 2015 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -1379,7 +1379,7 @@ should look up the remote host name and check that the resolved host name for the remote IP address maps back to the very same IP address. The default is -.Dq yes . +.Dq no . .It Cm UseLogin Specifies whether .Xr login 1 |