https://bugzilla.mindrot.org/show_bug.cgi?id=2126
Bug ID: 2126
Summary: ISP bogus NX records override configuration Host
Product: Portable OpenSSH
Version: 6.0p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: [email protected]
Reporter: [email protected]
ii openssh-client 1:6.0p1-3ubuntu1
i386 secure shell (SSH) client, for secure access
to remote machines
ii openssh-server 1:6.0p1-3ubuntu1
i386 secure shell (SSH) server, for secure access
from remote machines
* Host <Host> in ~/.ssh/config with a correct HostName entry
* ssh <Host>
Expected: connects to <Host>
Actual: ssh does a DNS lookup on the Host first, the ISP returns an IP
for their own ad server, ssh tries to connect to that IP and fails
Desired: ssh should check the config file first
Impact: can spend many hours trying to figure out whats wrong with the
configuration when it's actually not trying to connect to the RIP IP
Workaround: install dnsmasq and add a bogus-nxdomain=<IP> to
/etc/dnsmasq.conf
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
