SSH reverse DNS lookup

SSHD can be configured to block access to clients whose forward (A) and reverse (PTR) records don't map to each other.

When the connection request comes in, the daemon checks the reverse record of the client's IP: 192.168.1.1 = PTR my.domain.com

It can then check the forward lookup record of the host: my.domain.com = A 192.168.1.1

If my.domain.com doesn't resolve to 192.168.1.1 then it can block the connection.

This is because it is easy to set up your own reverse zone and map a PTR record to whatever host name you would like, but mapping the host name back to the IP would require access to the authoritative server for that zone, i.e. it is one more thing a hacker would have to do to gain access.
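
The forward-confirmed reverse lookup described above, as an added example (not sshd's own code). The function names and the sample zone data are constructed for illustration; the resolvers are injectable so the check can be run offline against the constructed records.

```python
import ipaddress
import socket

def system_reverse(ip):
    """PTR lookup via the system resolver; returns a list of host names."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:
        return []
    return [name] + aliases

def system_forward(name):
    """A/AAAA lookup via the system resolver; returns address strings."""
    try:
        infos = socket.getaddrinfo(name, None)
    except OSError:
        return []
    return [info[4][0] for info in infos]

def fcrdns_check(ip, reverse=system_reverse, forward=system_forward):
    """Return (ok, detail). ok is True only if a PTR name resolves back to ip."""
    client = ipaddress.ip_address(ip)
    names = reverse(ip)
    if not names:
        return False, "no PTR record"
    for name in names:
        for addr in forward(name):
            try:
                if ipaddress.ip_address(addr) == client:
                    return True, name
            except ValueError:
                continue  # resolver returned something that is not an address
    return False, "PTR %s does not resolve back to %s" % (", ".join(names), ip)

# Constructed zone data (not real DNS answers). 192.168.1.66 stands for a
# client whose self-controlled reverse zone claims the name my.domain.com.
PTR = {"192.168.1.1": ["my.domain.com"], "192.168.1.66": ["my.domain.com"]}
A = {"my.domain.com": ["192.168.1.1"]}

def demo():
    rev = lambda ip: PTR.get(ip, [])
    fwd = lambda name: A.get(name, [])
    clients = ("192.168.1.1", "192.168.1.66", "192.168.1.99")
    return {ip: fcrdns_check(ip, rev, fwd) for ip in clients}

if __name__ == "__main__":
    for ip, result in demo().items():
        print(ip, result)
```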