| 1 |
Hi list! |
| 2 |
|
| 3 |
I have an issue with SSH. It's a variation of the old "Set 'UseDNS no' |
| 4 |
to avoid delays with faulty DNS records" theme. |
| 5 |
|
| 6 |
Following setup: |
| 7 |
1. I have a server with IPv6 compiled into the SSH daemon but no actual |
| 8 |
IPv6 network interface. |
| 9 |
|
| 10 |
2. The SSH client has no IPv6, neither compiled nor active. |
| 11 |
|
| 12 |
3. The DNS server doesn't serve or support AAAA records. Apparently it |
| 13 |
drops all such requests. All other records for IP and reverse lookup are |
| 14 |
correct. |
| 15 |
|
| 16 |
Now I'm experiencing the classic, very long delay when connecting to the |
| 17 |
server via SSH because it does DNS lookups. When I look at wireshark |
| 18 |
dumps, I see correctly served A and reverse lookups but the server also |
| 19 |
insists on doing AAAA requests which time out. |
| 20 |
|
| 21 |
I tried limiting the sshd "AddressFamily" to inet (aka IPv4) but this |
| 22 |
didn't change anything. Is there another workaround or do I really have |
| 23 |
to deactivate DNS lookups? |
| 24 |
|
| 25 |
Thanks in advance! |
| 26 |
Florian Philipp |
Archives