[Bug 2602] New: (Feature request) Verify host using key in destination user account

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Mon Aug 1 04:12:24 AEST 2016


https://bugzilla.mindrot.org/show_bug.cgi?id=2602

            Bug ID: 2602
           Summary: (Feature request) Verify host using key in destination
                    user account
           Product: Portable OpenSSH
           Version: -current
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: Miscellaneous
          Assignee: unassigned-bugs at mindrot.org
          Reporter: bugzilla.mindrot.org at edp.org

I would like ssh to provide host verification using a key in the
destination user account (as an alternative to using a key installed by
the system administrator).

It is not unusual to connect to systems where the user has an account
but does not control the system (e.g., accounts provided by schools,
employers, and other institutions or an account on a virtual server at
an ISP), and the institution may occasionally migrate the accounts to
new hardware while neglecting to migrate the host keys. This feature
would also be useful on development systems where the user reinstalls
the OS frequently (but retains the user data, possibly on a storage
volume separate from the OS).

If the destination account files contained a key (with permissions
granting access to sshd but denying access to other users), sshd could
access the key and use it to authenticate to the client ssh.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list