[Bug 2747] Different notations for the same IP-address result in multiple entries in known_hosts

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Tue Jul 25 01:54:55 AEST 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2747

--- Comment #1 from Mikhail T. <mi+mindrot at aldan.algebra.com> ---
There is, actually, a security implication to this bug -- a MITM attack
may be made possible by sending the user to the host identified by the
same IP-address in a different notation.

Instead of a "the host's key has changed" *error*, they'll get a "would
you like to add this key" *warning*...

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list