Re: ssh connection takes long time

[randall <randall@songshu.org>]

Boyd Stephen Smith Jr. wrote:
> On Friday 13 March 2009 08:41:52 Abdelkader Belahcene wrote:
>   
>
> If you are using the OpenSSH daemon on the remote server and that 
> daemon is using the default configuration, it does a reverse DNS 
> lookup on the connecting IP before accepting the login.
>
> IIRC, It is possible to disable this reverse DNS lookup in the 
> OpenSSH daemon configuration.  It is not possible to disable this 
> lookup by adjusting the client configuration or version.
>
> In general, you should make sure reverse DNS works for all your IPs.
>   
i doubt that this is a sensible default, if i'm wrong please let me know ;)

as far as i know the only other time a reverse DNS is needed would be if 
you are running a mail server, and even then i notice that the number of 
mail servers actually checking for PTR records is very very small.

besides how would you do this with a dynamic IP, we are talking clients 
here and you never know what ISP you might use when traveling around.
also i see very little function to this, besides some extra unneeded 
info in the log i don't see any added security in this feature.

but then again, i might be wrong.


--

www.songshu.org
Just another collection of nuts