[Bug 2747] Different notations for the same IP-address result in multiple entries in known_hosts
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Tue Jul 25 01:54:55 AEST 2017
https://bugzilla.mindrot.org/show_bug.cgi?id=2747
--- Comment #1 from Mikhail T. <mi+mindrot at aldan.algebra.com> ---
There is, actually, a security implication to this bug -- a MITM attack
may be made possible by sending the user to the host identified by the
same IP-address in a different notation.
Instead of a "the host's key has changed" *error*, they'll get a "would
you like to add this key" *warning*...
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list