[Bug 1296] VerifyHostKeyDNS default domain
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Tue Aug 10 04:34:42 EST 2010
https://bugzilla.mindrot.org/show_bug.cgi?id=1296
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
Status|NEW |RESOLVED
Resolution| |FIXED
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Unfortunately the resolver APIs don't give us any way to find out the
canonical domain that the resolver actually used to find the address.
There is a bit of discussion about this on openssh-unix-dev at mindrot.org
(see the thread "Question about host certificates").
The workaround that I implemented was an easy way to apply a default
domain name to unqualified host names in ssh_config:
Host *.*
Hostname %h
Host *
Hostname %h.my.domain
It is a bit of a hack, but unfortunately it is the best we can do
without changes to the resolver API.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list