- stevesk@cvs.openbsd.org 2001/08/29 23:02:21
[sshd.8]
add text about -u0 preventing DNS requests; ok markus@
diff --git a/ChangeLog b/ChangeLog
index 191e525..5316a52 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -46,6 +46,9 @@
[scp.c]
clear the malloc'd buffer, otherwise source() will leak malloc'd
memory; ok theo@
+ - stevesk@cvs.openbsd.org 2001/08/29 23:02:21
+ [sshd.8]
+ add text about -u0 preventing DNS requests; ok markus@
20010815
- (bal) Fixed stray code in readconf.c that went in by mistake.
@@ -6369,4 +6372,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
-$Id: ChangeLog,v 1.1498 2001/09/12 17:49:48 mouring Exp $
+$Id: ChangeLog,v 1.1499 2001/09/12 17:51:55 mouring Exp $
diff --git a/sshd.8 b/sshd.8
index 63720c7..e98cfdd 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd.8,v 1.143 2001/08/22 16:30:02 stevesk Exp $
+.\" $OpenBSD: sshd.8,v 1.144 2001/08/29 23:02:21 stevesk Exp $
.Dd September 25, 1999
.Dt SSHD 8
.Os
@@ -268,6 +268,18 @@
should be put into the
.Pa utmp
file.
+.Fl u0
+is also be used to prevent
+.Nm
+from making DNS requests unless the authentication
+mechanism or configuration requires it.
+Authentication mechanisms that may require DNS include
+.Cm RhostsAuthentication ,
+.Cm RhostsRSAAuthentication ,
+.Cm HostbasedAuthentication
+and using a
+.Cm from="pattern-list"
+option in a key file.
.It Fl D
When this option is specified
.Nm