On Tue, 11 Nov 2014 17:48:25 -1000 Lee Howard <[email protected]> wrote:
> Many SSH servers (by default) reject connections from IP addresses > without PTRs. This is stupid. Which ones? OpenSSH does not. It has a 'UseSSH' option that is often enabled by default, but all this does is log a message if the PTR name of the client address doesn't match the address when the name is then resolved. Dropbear has it disabled in source code by default. Tectia behaves similarly to OpenSSH. > I heard applause during the WG meeting in response to these > statements; sounded like consensus to me. I said I would check that > consensus on list. I may be ignorant of context not having been there or having reviewed any transcripts that may exist. Is this a non-issue or a more pressing issue somewhere else perhaps? John _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
