You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have a network where I get an IPv6 nameserver via router advertisement, and it is a link-local ip. So the resolv.conf entry looks something like this:
nameserver fe80::1%eth0
Now ssh uses ldns to look up SSHFP records when having VerifyHostKeyDNS yes. It tries the lookup 3 times, each one timing out, then ssh fails:
I agree this should be done, but this is not easily accomplished with how things are currently handled. I guess we would need to add an additional list of IPv6 scope_id's to struct ldns_struct_resolver. I'll label this enhancement.
So not for the next release but the release thereafter... @TCY16 would this be something you'd be willing to do?
I have a network where I get an IPv6 nameserver via router advertisement, and it is a link-local ip. So the resolv.conf entry looks something like this:
Now ssh uses ldns to look up SSHFP records when having
VerifyHostKeyDNS yes
. It tries the lookup 3 times, each one timing out, then ssh fails:I assume that the relevant piece in the strace output is the
sin6_scope_id=0
, which is not valid.I am running ldns 1.8.1-1 (from arch linux), openssh 9.0p1, on linux 5.17.8.
Expected Behaviour:
ldns sets the correct scope_id from the zone identifier in resolv.conf, resulting in successful DNS lookups from ssh.
The text was updated successfully, but these errors were encountered: