Date: Thu, 30 Nov 2006 23:33:39 +0800 (WST) From: David Adam <zanchey@ucc.gu.uwa.edu.au> To: Dmitry Pryanishnikov <dmitry@atlantis.dp.ua> Cc: FreeBSD Stable Mailing List <freebsd-stable@freebsd.org> Subject: Re: sshd. "UseDNS no" ignored? Message-ID: <Pine.LNX.4.58.0611301903110.14631@mussel.ucc.gu.uwa.edu.au> In-Reply-To: <20061129143330.T82233@atlantis.atlantis.dp.ua> References: <d8a4930a0611210211q4920bfdkf7f0400c69df2689@mail.gmail.com> <4563126E.2060904@math.missouri.edu> <20061129143330.T82233@atlantis.atlantis.dp.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 29 Nov 2006, Dmitry Pryanishnikov wrote: > I'm still wondering why OpenSSH is _so_ inferior to SSH.COM's ssh2 > (which is also open-source)? Is it really open-source? I couldn't find any reference to source downloads or licensing terms on http://www.ssh.com/. It mentions OpenSSH as an open-source alternative. > In the later product the following line in > /usr/local/etc/ssh2/sshd2_config: > > ResolveClientHostName no > > _actually_ prevents DNS reverse lookups by the sshd2 (just checked it, > my test machine has ssh2-nox11-3.2.9.1_5 installed from ports). It's not > the only option which present in ssh2 while absent in OpenSSH, second > very useful one is: > > AuthInteractiveFailureTimeout 10 > > which make SSH-password-guessing robots to give up after the first attempt ;) You might like to suggest these features to the OpenSSH developers! http://www.openssh.com/report.html Of course, when space is at a premium, Dropbear is the answer to your SSH questions. David Adam zanchey@ucc.gu.uwa.edu.au
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.58.0611301903110.14631>