Hi there, Happy longtime PDNS user here. I'm setting up SSHFP to be able to utilize the openssh VerifyHostKeyDNS feature. My internal network uses a local pdns_recursor resolver with this setting:
forward-zones=internal=IP_OF_PDNS_AUTH_SERVER So machines can find each other with serverX.internal. This works fine for most apps, however not for openssh. When it looks up the SSHFP record, it doesn't expand boxX to use the FQDN (.internal) as has been specified in resolv.conf. Imho this is by design but this renders the feature useless in my network (unless I stick to using FQDNs). Apart from patching openssh, would it possible to tell powerdns recursor to also forward non-FQDN queries to a specific source? Ie. lookups for hosts without a dot? Alternative solutions welcome :) Cheers! Willem _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
