Operating System - Linux

Re: turning off dns lookup when using ssh

 
Andrew medhurst1
Frequent Advisor

turning off dns lookup when using ssh

Guys, I need to turn off DNS lookups when signing in with ssh; I want ssh to default to using the hosts file.
I have tried setting UseDns to no, but this does not help. I found a thread about setting up a parameter in /etc/sysconfig/sshd so that when the sshd process starts, it starts with a -ou option that disables DNS lookups, but the file does not exist.
Can anyone help in shutting down DNS lookups in ssh login?
Regards,
Andrew
Goran Koruga
Honored Contributor

Re: turning off dns lookup when using ssh

Hello.

See if setting RESOLV_HOST_CONF helps - man host.conf. RESOLV_SERV_ORDER shall also help.

Regards,
Goran
Matti_Kurkela
Honored Contributor

Re: turning off dns lookup when using ssh

The option is not -ou but -u0, that is: lowercase u and number zero. It stops the sshd from making any hostname lookups, unless a hostname lookup is required by the chosen authentication method or other configuration.

Example: if you have specified DenyUsers=*@evil.org then sshd must do a reverse lookup to find out whether the IP address the user is connecting from belongs to evil.org or not.

When sshd makes a hostname lookup, it does not explicitly choose to use either DNS or the hosts file. Sshd simply uses the gethostbyname() or gethostbyaddr() functions provided by the system's libc library. Linux usually uses GNU libc, which is configurable via the usual /etc/nsswitch.conf and /etc/resolv.conf.

/etc/sysconfig/sshd is used in RedHat/Fedora distributions. If you don't have that, you obviously have something different. What kind of Linux do you have?

MK
Andrew medhurst1
Frequent Advisor

Re: turning off dns lookup when using ssh

RHEL 5.3
Matti_Kurkela
Honored Contributor

Re: turning off dns lookup when using ssh

I checked the RHEL 5.x startup script for sshd.

It says:

# pull in sysconfig settings
[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd

i.e. "read the /etc/sysconfig/sshd file if it exists, otherwise keep going using the default values".

If /etc/sysconfig/sshd does not exist, your system is using the factory default configuration for sshd. Just create the file and put in it the line:

OPTIONS="-u0"

Then restart sshd with "service sshd restart".

MK
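
Added example, not part of the thread and not Red Hat's own script: the two things the replies above point at, checked from the shell, namely the order of sources on the hosts: line of /etc/nsswitch.conf and the presence of -u0 in /etc/sysconfig/sshd. The ROOT prefix, the function names and the sample files are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the thread. ROOT is a hypothetical prefix so the
# functions can be tried on a scratch tree; leave it empty to act on the host.

# Print the sources on the "hosts:" line of nsswitch.conf, in lookup order.
hosts_order() {
    awk '$1 == "hosts:" { sub(/#.*/, ""); $1 = ""; sub(/^ +/, ""); print; exit }' \
        "${ROOT:-}/etc/nsswitch.conf"
}

# Succeed only if "files" (the hosts file) is consulted before "dns".
files_before_dns() {
    hosts_order | awk '{ for (i = 1; i <= NF; i++) {
                             if ($i == "files") f = i
                             if ($i == "dns")   d = i } }
                       END { exit !(f && (!d || f < d)) }'
}

# Make sure OPTIONS in /etc/sysconfig/sshd carries -u0; a second run is a no-op.
ensure_u0() {
    conf="${ROOT:-}/etc/sysconfig/sshd"
    if [ ! -f "$conf" ]; then
        echo 'OPTIONS="-u0"' > "$conf"            # the line given in the thread
    elif ! grep -Eq '^OPTIONS=(.*[" ])?-u0([" ]|$)' "$conf"; then
        # The init script sources this file as shell, so extend whatever
        # OPTIONS was set earlier in the file instead of replacing it.
        echo 'OPTIONS="$OPTIONS -u0"' >> "$conf"
    fi
}

# OPTIONS as the init script would see it after sourcing the file.
effective_options() {
    ( OPTIONS=; . "${ROOT:-}/etc/sysconfig/sshd"; echo "$OPTIONS" )
}

# Constructed sample tree: DNS listed first, sshd already given one option.
demo() {
    ROOT=$(mktemp -d) && mkdir -p "$ROOT/etc/sysconfig"
    echo 'hosts: dns files   # constructed sample' > "$ROOT/etc/nsswitch.conf"
    echo 'OPTIONS="-4"' > "$ROOT/etc/sysconfig/sshd"
    files_before_dns || echo "hosts order is '$(hosts_order)': DNS is tried first"
    ensure_u0; ensure_u0
    echo "sshd OPTIONS: $(effective_options)"
    rm -rf "$ROOT"; ROOT=
}
demo
```

On a real host, run the functions with ROOT empty and then restart sshd as described in the reply above.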