On Tue, 8 Aug 2017, Pat Riehecky wrote:

> Updated packages have been posted for testing:
>
> http://ftp.scientificlinux.org/linux/scientific/7rolling/testing/x86_64/
>
> These packages cover the SL7.4 security errata released along with the 
> upstream EL7.4 release.
>
> There are well over 1000 binary packages from over 400 source rpms within 
> this update set and you are encouraged to test it before the packages are 
> released.
>
> We have encountered some display issues the MATE and Cinnamon desktops as 
> provided by EPEL-7.  The exact causes are unclear.
>
> We have encountered some issues with the kmod-nvidia-340xx-340.102-3.el7_4 
> and are working with the ELRepo folks towards a resolution.
>
> These packages will be released on  August 21 2017
> unless critical issues continue.
>
> You can install this update for testing via the sl-testing repo on
> your SL system:
>   yum --enablerepo=sl-testing update <package you wish to test>
>
> ...
> openssh-7.4p1-11.el7.x86_64.rpm
> openssh-askpass-7.4p1-11.el7.x86_64.rpm
> openssh-cavs-7.4p1-11.el7.x86_64.rpm
> openssh-clients-7.4p1-11.el7.x86_64.rpm
> openssh-keycat-7.4p1-11.el7.x86_64.rpm
> openssh-ldap-7.4p1-11.el7.x86_64.rpm
> openssh-server-7.4p1-11.el7.x86_64.rpm
> openssh-server-sysvinit-7.4p1-11.el7.x86_64.rpm
> ...

There is a difference in the default configuration for sshd 
in this update.  Now by default sshd does not use DNS to resolve
incoming connections.  Depending on your configuration needs this
may cause issues - for example, for us we make use of the AllowUsers
configuration to match to local domains, and this requires DNS lookup.

So if you need DNS lookups then you need to enable it in your
/etc/ssh/sshd_config file:

UseDNS yes

cheers, etc.
-- 
deatrich @ triumf.ca, Science/ATLAS         PH: +1 604-222-7665
<*> This moment's fortune cookie:
     "Quando omni flunkus moritati"
         - Red Green