For the default of CanonicalizeFallbackLocal

togakushi nina.togakushi+ssh at gmail.com
Sun Jan 19 14:23:28 EST 2014


Hi,

The default value for the option CanonicalizeFallbackLocal.

In the manual, The default value "no".

     CanonicalizeFallbackLocal
             Specifies whether to fail with an error when hostname canonical-
             ization fails.  The default, “no”, will attempt to look up the
             unqualified hostname using the system resolver’s search rules.  A
             value of “yes” will cause ssh(1) to fail instantly if
             CanonicalizeHostname is enabled and the target hostname cannot be
             found in any of the domains specified by CanonicalDomains.

but, I think in the "yes".
In the source code...

1476 initialize_options(Options * options)
1477 {
1561   options->canonicalize_fallback_local = -1;
1563 }

1571 fill_default_options(Options * options)
1572 {
1720   if (options->canonicalize_fallback_local == -1)
1721     options->canonicalize_fallback_local = 1;
1738 }

try,

"myserver" can name resolution but, "myserver.localdomain.local" can not.

  <.ssh/config>
  CanonicalizeHostname yes
  CanonicalDomains localdomain.local
  CanonicalizeFallbackLocal no

  $ ssh root at myserver
  ssh: Could not resolve host "myserver"

Not connected.

  <.ssh/config>
  CanonicalizeHostname yes
  CanonicalDomains localdomain.local
  #CanonicalizeFallbackLocal no <- comment out

  $ ssh root at myserver
  Last login: Sun Jan 19 02:51:12 2014 from 192.168.x.x
  root at myserver:~$

Connected.

When the settings have not been, I fall back.
This is the behavior when it is set to "yes".

Thanks.


More information about the openssh-unix-dev mailing list