Jochen Bern
2021-Feb-09 07:58 UTC
[openssh-commits] [openssh] 02/02: upstream: hostname is not specified by POSIX but uname -n is, so use
On 09.02.21 01:25, Nico Kadel-Garcia wrote:
> On Mon, Feb 8, 2021 at 3:59 PM Bob Proulx <bob at proulx.com> wrote:
>> The hostname -f option is a "new-ish" Linux specific option. It's not
>> portable. And because it works by doing a reverse DNS lookup it
>> depends upon live network connectivity at that moment working for the
>> network lookup and the results are spotty depending upon how DNS is
>> set up and how many IP addresses are configured on the host.
>
> It looks in /etc/hosts first, which works very well when DNS is
> unavailable and when the host is publishing a dynamic DNS entry.

Suffice to say that I added a check to our monitoring so as to detect machines entering production where `hostname`, not to even mention /etc/hosts, still returns "localhost.localdomain" or even just "localhost" instead of something unique.

Out of interest, what *purpose* is the obtained hostname being used for? Does OpenSSH actually *need* it to be a) unique, b) reproducible, and/or c) a proper FQDN, or does it merely enter the comment of autogenerated host keypairs? All the KnownHosts checking AFAIR happens on the *client* side and uses whatever name(s) of the server are known *there* ...

Regards,
--
Jochen Bern
Systemingenieur

Binect GmbH
Darren Tucker
2021-Feb-09 09:14 UTC
[openssh-commits] [openssh] 02/02: upstream: hostname is not specified by POSIX but uname -n is, so use
On Tue, 9 Feb 2021 at 19:05, Jochen Bern <Jochen.Bern at binect.de> wrote:
[...]
> Out of interest, what *purpose* is the obtained hostname being used for?

For the case that started this thread, it's used for expanding "%" tokens in the config file. From ssh_config(5):

TOKENS
     Arguments to some keywords can make use of tokens, which are
     expanded at runtime:
[...]
           %L    The local hostname.
           %l    The local hostname, including the domain name.

These can be used by various keywords, typically for file paths (for example, if you want to make a ControlPath unique to a hostname). I'd have to check the code history to figure out where each token originally came from, but I made them all more or less consistent between the 8.2 and 8.3 releases.

> Does OpenSSH actually *need* it to be a) unique, b) reproducible, and/or
> c) a proper FQDN

Depends on what the user uses them for, but typically as long as they're reproducible and unique within a set of machines that share a filesystem it would likely be sufficient.

--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
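
A sketch of the kind of check the two messages above point at, added here as an example (it is not code from either poster or from OpenSSH): it flags the placeholder names mentioned in the first message and names that collide within a set of machines sharing a filesystem, the property the second message says matters for %L and %l. The function names and the sample inventory are constructed, and treating %L as the name up to the first dot is an assumption.

```sh
#!/bin/sh
# Added example: audit host names before relying on %L / %l for unique paths.

# True (0) if the name is empty or one of the installer defaults named in the thread.
is_placeholder() {
    case "$1" in
        ''|localhost|localhost.localdomain) return 0 ;;
        *) return 1 ;;
    esac
}

# Assumption: the short form used for %L is the name up to the first dot.
short_name() {
    printf '%s\n' "${1%%.*}"
}

# Check this machine; uname -n is the POSIX way to get the node name.
check_local() {
    if is_placeholder "$(uname -n)"; then
        echo "placeholder: $(uname -n)"
        return 1
    fi
}

# Read one name per line on stdin and print one finding per line.
audit_names() {
    names=$(cat)
    printf '%s\n' "$names" | while IFS= read -r n; do
        [ -n "$n" ] || continue
        if is_placeholder "$n"; then echo "placeholder: $n"; fi
    done
    # Same full name reported twice: %l would collide.
    printf '%s\n' "$names" | sort | uniq -d | sed 's/^/duplicate %l: /'
    # Distinct full names sharing a short name: %L would collide.
    printf '%s\n' "$names" | sort -u | sed 's/\..*//' | sort | uniq -d |
        sed 's/^/duplicate %L: /'
}

# Constructed sample inventory of machines sharing one filesystem.
audit_names <<'EOF'
web1.example.com
web1.corp.example.net
db1.example.com
localhost.localdomain
db1.example.com
EOF
```

check_local is meant to be called from a provisioning or monitoring hook on each machine; audit_names takes the collected names for the whole set.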