Trailing dot is not removed from client hostname if HostbasedUsesNameFromPacketOnly is yes

Stephen Samuel samuel at
Tue Sep 16 08:37:20 EST 2003

Normally a machine is considered to be part of a domain.
Nameservers use this fact to allow for short name lookups.

eg: let's say that my machine is part of

If I do a nslookup for server , dns will normally look for
the tld of 'server'. Then it will look for

similarly, a hunt for (note the double 't')
would cause a look for and then for

This gets real nasty if you have a wildcard for your domain...
eg: if I have
* 	IN	A
then the search for will return

On the other hand, if I specify (note the trailing dot),
DNS recognizes that trailing dot as an indicator that this is EXACTLY the
name I'm looking for and DO NOT look for

I just got bit by this the other day, where I was checking to see if
directory names corresponded to domain names. The easy choice was to
simply do a `ping -c2 $dirname` but it turns out that the machine I
was on was in a domain that had a wildcard DNS entry (grr!) so the
ping would always succeed as

ping -c2 ${dirname}.

did the trick.

Carson Gaspar wrote:
> --On Saturday, September 13, 2003 5:34 PM +0200 Markus Friedl 
> <markus at> wrote:
>> AFAIK HostbasedUsesNameFromPacketOnly means: use the _exact_
>> value from the packet.  This is why the dot is not
>> removed.  Moreover, HostbasedUsesNameFromPacketOnly is
>> not recommended and experimental.  The client
>> needs to be changed to have truly random names in
>> the hostbased packets.
> WTF? Why would you want random names?!

Stephen Samuel +1(604)876-0426                samuel at
    Powerful committed communication. Transformation touching
        the jewel within each person and bring it to life.
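
The search-list and wildcard interaction described in the message above, modelled offline as an added example (not code from the post or from OpenSSH). The domain `example.com`, the zone records and the function names are constructed for illustration, and the candidate ordering assumes the resolv.conf `ndots` rule; individual tools may order their lookups differently.

```python
# Offline model of stub-resolver search-list expansion; no network access.
SEARCH = ["example.com"]   # assumed "search" line from resolv.conf
NDOTS = 1                  # resolv.conf default

# Constructed zone: one real host plus a wildcard record for the domain.
ZONE = {
    "server.example.com.": "192.0.2.10",
    "*.example.com.": "192.0.2.99",
}

def candidates(name, search=SEARCH, ndots=NDOTS):
    """Return the fully qualified names a resolver would try, in order."""
    if name.endswith("."):
        return [name]      # absolute name: the search list is skipped
    as_is = name + "."
    expanded = [f"{name}.{d}." for d in search]
    # Names with at least ndots dots are tried as-is first, otherwise last.
    if name.count(".") >= ndots:
        return [as_is] + expanded
    return expanded + [as_is]

def lookup(fqdn, zone=ZONE):
    """Exact match first, then the closest wildcard (simplified matching)."""
    if fqdn in zone:
        return zone[fqdn]
    labels = fqdn.rstrip(".").split(".")
    for i in range(1, len(labels)):
        wild = "*." + ".".join(labels[i:]) + "."
        if wild in zone:
            return zone[wild]
    return None

def resolve(name):
    """Return (answering_fqdn, address) for the first candidate that resolves."""
    for fqdn in candidates(name):
        addr = lookup(fqdn)
        if addr is not None:
            return fqdn, addr
    return None, None

def name_exists(name):
    """True only if the name resolves as written, i.e. as an absolute name."""
    fqdn = name if name.endswith(".") else name + "."
    return lookup(fqdn) is not None

if __name__ == "__main__":
    for n in ("server", "www.example.org", "www.example.org."):
        print(n, "->", resolve(n))
```
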

More information about the openssh-unix-dev mailing list