feature request: modify getrrsetbyname() to use libunbound
Luca Filipozzi
lfilipoz at emyr.net
Wed May 9 19:30:41 EST 2012
On Wed, May 09, 2012 at 09:50:22AM +0200, Ond??ej Caletka wrote:
> Dne 9.5.2012 06:20, Luca Filipozzi napsal(a):
> > That said, it seems rather cumbersome to have users install a local
> > caching resolver in order to secure the last mile of DNS queries (who
> > trusts their ISP, after all), so we postulated whether it would be
> > possible to modify openssh such that the ssh client could perform the
> > queries itself.
>
> Wouldn't it be done by just adding trust anchor to current ldns
> resolving code?
It's sufficient to add "anchor /path/to/root.key" to /etc/resolv.conf.
Thanks very much for adding ldns support to 6.0. I don't think we need
both libunbound (which links against libldns) and libldns.
--
Luca Filipozzi
More information about the openssh-unix-dev
mailing list