[Bug 2400] New: StrictHostKeyChecking=no behaviour on HOST_CHANGED is excessively insecure
bugzilla-daemon at mindrot.org
Mon May 18 11:16:35 AEST 2015
https://bugzilla.mindrot.org/show_bug.cgi?id=2400
Bug ID: 2400
Summary: StrictHostKeyChecking=no behaviour on HOST_CHANGED is
excessively insecure
Product: Portable OpenSSH
Version: 6.8p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: mik at miknet.net
The legacy behaviour of StrictHostKeyChecking=no involves allowing
connections even if the host key has changed. What most deployments
want when they set this is just TOFU.
It is common for batch processing and cluster systems to deploy with
this option permanently set, completely undermining the security of
such systems - for example, an attacker could intercept a data
processing stage to steal a copy of all of the private data.
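A check a defender could run for the deployment pattern the report describes, given as an added example that is not part of the original bug report or of OpenSSH: it scans ssh_config text and batch scripts for StrictHostKeyChecking set to no (or its synonym off). The host names, source labels and sample inputs are constructed for illustration.

```python
import re

# Values that let ssh proceed when a host key has changed.
# "off" is accepted as a synonym for "no" by newer OpenSSH releases.
INSECURE = {"no", "off"}

# ssh_config form: keyword, then whitespace or a single '=', then the value.
CONFIG_RE = re.compile(
    r'^\s*StrictHostKeyChecking(?:\s*=\s*|\s+)"?([\w-]+)"?\s*$', re.I)
# Command-line form found in scripts: -o StrictHostKeyChecking=no
CLI_RE = re.compile(
    r'-o\s*["\']?StrictHostKeyChecking(?:\s*=\s*|\s+)([\w-]+)', re.I)
SCOPE_RE = re.compile(r'^\s*(Host|Match)\s+(.+?)\s*$', re.I)

def audit(text, source="<input>"):
    """Return (source, line_no, scope, value) for each insecure setting."""
    findings, scope = [], "(global)"
    for line_no, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # comment line in ssh_config or shell
        block = SCOPE_RE.match(line)
        if block:
            scope = f"{block.group(1).title()} {block.group(2)}"
        match, where = CONFIG_RE.match(line), scope
        if not match:
            match, where = CLI_RE.search(line), "command line"
        if match and match.group(1).lower() in INSECURE:
            findings.append((source, line_no, where, match.group(1).lower()))
    return findings

# Constructed sample inputs (not taken from any real deployment).
SAMPLE_CONFIG = """\
# constructed sample ssh_config
Host bastion.example
    StrictHostKeyChecking yes

Host *.batch.example
    User etl
    StrictHostKeyChecking=no
"""
SAMPLE_SCRIPT = """\
#!/bin/sh
# constructed sample batch job
rsync -e "ssh -o StrictHostKeyChecking=no" /data/stage1/ worker7.batch.example:/data/in/
ssh -oStrictHostKeyChecking=ask worker8.batch.example uptime
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG, "ssh_config") + audit(SAMPLE_SCRIPT, "job.sh"):
        print("%s:%d [%s] StrictHostKeyChecking=%s" % finding)
```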