Skribent: Rick Moen Dato: Til: dng Emne: Re: [DNG] ..should we set up our own usage policy wizard script?,
was: OpenSSH: delay on beowulf
Quoting Dr. Nikolaus Klepp (dr.klepp@???):
> The problem only exists if all of these conditions are met:
>
> - kernel 4.19. from beowulf
> - network up, but DNS of ISP not reacting in time or dhcpcd did not
> get a lease
> - sshd_config has "UseDNS yes"
> - first try to start sshd after boot
>
> The problem is solved by "UseDNS no" in sshd_config.
>
> Now that sshd uses DNS on first startup is quite surprising - at least
> it was for me.
I'm not.
Having DNS information in your logging is valuable. In my opinion,
instead of turning off sshd's lookup of DNS information, you should fix
the broken DNS. I.e., solve the correct problem, not the wrong one.
In particular, you should make sure you are not reliant on ISP DNS,
e.g., either run some variety of local nameservice or have needed
entries in /etc/hosts or bothIn particular, you should make sure you are
not reliant on ISP DNS, e.g., either run some variety of local
nameservice or have needed entries in /etc/hosts or both.
(Even where ISP DNS is reliably reachable, it's reliably terrible.)