Subject: Re: canonical host names in ssh
To: Christos Zoulas <christos@zoulas.com>
From: Todd Vierling <tv@wasabisystems.com>
List: current-users
Date: 02/02/2001 10:15:28

On Fri, 2 Feb 2001, Christos Zoulas wrote:
: >>The ssh in NetBSD used to canonicalize hostnames (when reading/writing
: >>known_hosts at least) but that stopped when the 2.3.0/20010105 stuff was
: >>merged in a couple of weeks ago.
: >>Was that intentional? I liked the previous behaviour.
: >
: > i believe the change is intentional. it was done between
: > openssh 2.2.0 -> 2.3.0 (the change is not local to netbsd).
:
: Actually, I fixed a bug in 2.2.0 where it *sometimes* did not canonicalize.
: Has the code been totally removed in 2.3.0? What is the justification?

Why is not canonicalizing hostnames a bug? I'd consider that a very
important feature, which I had been using:

I have several machines behind a NAT box, because I only receive one IP
from my provider. There are several "rdr" ports pointing to the various ssh
servers on each machine, at different ports, but each machine has a
different "hostname" (CNAMEs to the same place, externally).

In my .ssh/config, I have "Port" directives to sort out correctly which
ports go to which "machine" (actually, which "rdr" ports). So each machine
has its own entry in known_hosts (even though they're the same IP address),
and I can see them through the NAT gateway fine.

This currently works on 1.5, but would it have broken with this "fix" to
2.2.0 that you mention?

--
-- Todd Vierling <tv@wasabisystems.com> * Wasabi NetBSD: Run with it.
-- NetBSD 1.5 now available on CD-ROM -- http://www.wasabisystems.com/
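
The setup described in the message above, as an added example that is not part of the original post and is not OpenSSH code: a simplified model of a known_hosts lookup keyed either by the name the user typed or by the canonical name. The host names, ports and key strings are constructed placeholders, and the model assumes the "Port" directive is selected by the typed name.

```python
# Simplified model (assumption, not OpenSSH's implementation) of how the
# known_hosts key name is chosen with and without hostname canonicalization.

# Constructed data: two names that are CNAMEs for the single NAT address.
CNAMES = {
    "alpha.example.org": "gw.example.org",
    "beta.example.org": "gw.example.org",
}
# Per-host "Port" directives from .ssh/config, one rdr port per machine.
PORTS = {"alpha.example.org": 2201, "beta.example.org": 2202}
# Host key presented by the machine behind each rdr port (placeholders).
SERVER_KEYS = {2201: "hostkey-alpha", 2202: "hostkey-beta"}


def known_hosts_name(typed, canonicalize):
    """Name under which the host key is stored and looked up."""
    return CNAMES.get(typed, typed) if canonicalize else typed


def connect(known_hosts, typed, canonicalize):
    """Return 'new', 'ok' or 'MISMATCH' for one connection attempt."""
    name = known_hosts_name(typed, canonicalize)
    presented = SERVER_KEYS[PORTS[typed]]
    stored = known_hosts.get(name)
    if stored is None:
        known_hosts[name] = presented  # first contact: key is recorded
        return "new"
    return "ok" if stored == presented else "MISMATCH"


def run(canonicalize):
    """Connect to alpha, beta, then alpha again with a fresh known_hosts."""
    known_hosts = {}
    order = ("alpha.example.org", "beta.example.org", "alpha.example.org")
    results = [connect(known_hosts, h, canonicalize) for h in order]
    return results, known_hosts


if __name__ == "__main__":
    for mode in (False, True):
        results, table = run(mode)
        print("canonicalize=%s -> %s, entries=%s" % (mode, results, sorted(table)))
```

With typed names as the key, each machine keeps its own entry; with the canonical name as the key, both machines share one entry and the second machine's key is reported as changed.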