[Bug 1657] New: Server Authentication when both RSA and DSA are enabled (on the server)
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Fri Oct 2 06:49:02 EST 2009
https://bugzilla.mindrot.org/show_bug.cgi?id=1657
Summary: Server Authentication when both RSA and DSA are
enabled (on the server)
Product: Portable OpenSSH
Version: 5.2p1
Platform: All
OS/Version: All
Status: NEW
Severity: trivial
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: petfire85 at yahoo.fr
When the SSH Server use both RSA and DSA, actually (by default) the
OpenSSH client is obliged to know the RSA public key of the server. If
we change the preference key to use in the ssh_config with the option
HostKeyAlgorithms we can choose DSA as default key for the server
Authentication.
Actually, if in the known_hosts file on the client we have the RSA key
of the server and if the client is configured to use the DSA key, the
server authentication will failed. Because the SSH client searchs only
the default key of the server in the known_host file.
When we are in this situation, OpenSSH client tell us that there is a
key corresponding to the remote host in the known_hosts file but this
key is not the default configured for the client. So it doesn't want
use it.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list