feature request: modify getrrsetbyname() to use libunbound

Peter Stuge peter at stuge.se
Wed May 9 16:08:47 EST 2012


Luca Filipozzi wrote:
> We propose that openssh be modified as follows:
> 
> (1) introduce a new ssh_config directive: UnboundConfigurationFile

I don't think any SSH configuration directives should be tied to a
specific implementation of anything outside the SSH domain.


> (3) provide a default unbound configuration in /etc/ssh/ssh_unbound_conf

What needs to be set in that config? I think adding DNSSEC-related
directives to ssh_config and perhaps also sshd_config would be more
in line with the rest of the configuration directives.

Hopefully configuration can be given also programatically to
libunbound, so that OpenSSH could use the same configuration
directives regardless of which resolver library is used.


//Peter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20120509/9d614818/attachment.bin>


More information about the openssh-unix-dev mailing list