On 05/12/2016 10:21 AM, Dan Pritts wrote:
>> Joe Konecny <mailto:jkonecny AT rmtohio DOT com>
>> May 11, 2016 at 2:46 PM
>> I found after several days of wrestling that UseDNS now defaults to "no" in
>> newer versions of openssh. This causes a from="hostname" clause in 
>> authorized_keys
>> to reject the connection. You either have to... 1. use an ip address 
>> from="x.x.x.x"
>> 2. set "UseDNS yes" in sshd_config or 3. omit "from=" altogether. Hope this 
>> helps
>> someone.
>
> Unless you are using DNSSEC broadly (unless you know all about it, you 
> aren't), depending on DNS for security is a bad idea.  This is a positive 
> change, but a bummer that it's bitten you.
>
> danno
> --
> Dan Pritts
> ICPSR Computing & Network Services
> University of Michigan

I only used because the docs suggested it...

http://backuppc.sourceforge.net/faq/ssh.html


What is best, use an ip address or omit "from=" althogether?



------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/