CVS is missing documentation for HostbasedUsesNameFromPacketOnly

Markus Friedl markus at
Mon Sep 15 18:05:24 EST 2003

On Sun, Sep 14, 2003 at 01:59:47PM -0400, Carson Gaspar wrote:
> --On Saturday, September 13, 2003 5:33 PM +0200 Markus Friedl 
> <markus at> wrote:
> >HostbasedUsesNameFromPacketOnly is experimental and
> >not documented. i think it violates the spec.
> Can you please elaborate? From my point of view, it is the _only_ sane way 
> to operate, as anything else looks at useless (from a security perspective) 
> IP and DNS data, as opposed to the cryptographically authenticated data 
> sent by the client.
> It also makes HostbasedAuthentication survive NAT, which is nice.

than add dot in shosts and it works.

this won't/cannot be changed for 3.7

More information about the openssh-unix-dev mailing list