To make the host-based authentication more secure, you may want to consider the following optional configuration settings:
After this modification the
.rhosts files will not be used in host-based
To force an exact match between the host name that the client sends to
the server and the client's DNS entry, make sure that you have the following
definition in your
188.8.131.52 client.example.com client
Even if you are not using
/etc/hosts as your
primary resolver, you may need to add entries to it for the client and the
server to allow them to resolve each other's fully qualified domain names
(if they are not able to do so otherwise).
Please note that when
is used, host-based authentication through NAT (Network Address Translation) will not work.