From 8960375b2a9f11d413152b67f81ca765b157c711 Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <stephen.hemminger@vyatta.com>
Date: Tue, 16 Nov 2010 11:29:38 -0800
Subject: Add option to disable host validation (DNS) for SSH

Bug 4970
New CLI control of UseDNS option to sshd_config

	set service ssh disable-host-validation
---
 scripts/rl-system.init | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'scripts/rl-system.init')

diff --git a/scripts/rl-system.init b/scripts/rl-system.init
index 038653fe..fc328b7b 100755
--- a/scripts/rl-system.init
+++ b/scripts/rl-system.init
@@ -176,11 +176,13 @@ security_reset () {
 	rm /usr/share/pam-configs/radius
    fi
 
-   # Disable root login with ssh
-   sed -i -e '/^PermitRootLogin/s/yes/no/' /etc/ssh/sshd_config
-
    # Disable root login over telnet
    sed -i -e '/^# Pseudo-terminal (telnet)/,$d' /etc/securetty
+
+   # Disable root login with ssh
+   # Renable DNS validation
+   sed -i -e '/^PermitRootLogin/s/yes/no/' \
+          -e '/^UseDNS/s/no/yes/' /etc/ssh/sshd_config
 }
 
 start () {
-- 
cgit v1.2.3