[Pdns-users] forward-zones, SSHFP and non-FQDN
Leen Besselink
leen at consolejunkie.net
Thu Dec 9 00:23:47 UTC 2010
On 12/08/2010 05:06 PM, Willem wrote:
> Hi there,
>
> Happy longtime PDNS user here. I'm setting up SSHFP to be able to
> utilize the openssh VerifyHostKeyDNS feature. My internal network uses
> a local pdns_recursor resolver with this setting:
>
> forward-zones=internal=IP_OF_PDNS_AUTH_SERVER
>
> So machines can find each other with serverX.internal. This works fine
> for most apps, however not for openssh. When it looks up the SSHFP
> record, it doesn't expand boxX to use the FQDN (.internal) as has been
> specified in resolv.conf. Imho this is by design but this renders the
> feature useless in my network (unless I stick to using FQDNs).
>
> Apart from patching openssh, would it possible to tell powerdns
> recursor to also forward non-FQDN queries to a specific source? Ie.
> lookups for hosts without a dot?
>
> Alternative solutions welcome :)
A Lua-script ?:
http://doc.powerdns.com/recursor-scripting.html
> Cheers!
> Willem
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users
More information about the Pdns-users
mailing list