[Bug 2924] New: Order a limited host keys list in client based on the known hosts
bugzilla-daemon at bugzilla.mindrot.org
Thu Nov 1 23:55:03 AEDT 2018
https://bugzilla.mindrot.org/show_bug.cgi?id=2924
Bug ID: 2924
Summary: Order a limited host keys list in client based on the known hosts
Product: Portable OpenSSH
Version: 7.7p1
Hardware: Other
OS: Linux
Status: NEW
Keywords: patch
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: jjelen at redhat.com
Created attachment 3198
--> https://bugzilla.mindrot.org/attachment.cgi?id=3198&action=edit
possibility to order host keys in client

The HostKeyAlgorithms option in the client differs from all the other
algorithm-limiting options in that it should be sorted according to
the list of known hosts available. This works fine out of the box with
the default negotiated list, but when one tries to limit (or extend) the
algorithm list to something other than the default, the ordering is turned
off and one can simply hit the hostkey changed, even though it did not
change at all (only a different one is offered for a connection).

Attached is a proposed patch to implement a new configuration option,
HostKeyAlgorithmsOrder, which will turn on sorting also on the
user-provided list of host keys.

Another possibility to resolve this problem would be to introduce another
configuration option, HostKeyAlgorithmsAllow or similar, which would
have these semantics (would be ordered before the algorithm
negotiation).
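
The ordering problem described in the report, as an added Python example that is not taken from the attached patch or from OpenSSH: a user-supplied algorithm list is reordered so that algorithms whose key type is already stored for the host come first, and the negotiated result is compared with and without that step. The function names, host names and known_hosts content are constructed for illustration, and host matching is assumed to be exact-name only (hashed entries, wildcards and marker lines are skipped).

```python
# Constructed known_hosts content; the key blobs are placeholders, not real keys.
KNOWN_HOSTS = """\
# comment line
host.example.com,192.0.2.10 ssh-rsa AAAAB3NzaC1yc2E_PLACEHOLDER
other.example.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5_PLACEHOLDER
@revoked host.example.com ecdsa-sha2-nistp256 AAAAE2VjZHNh_PLACEHOLDER
"""

# Signature algorithms that use an RSA host key map to the ssh-rsa key type.
KEY_TYPE = {"rsa-sha2-256": "ssh-rsa", "rsa-sha2-512": "ssh-rsa"}


def known_key_types(known_hosts, host):
    """Return the key types stored for host (exact-name matching only)."""
    types = set()
    for line in known_hosts.splitlines():
        fields = line.split()
        # Skip blanks, comments, @marker lines and hashed (|1|...) entries.
        if len(fields) < 3 or fields[0].startswith(("#", "@", "|")):
            continue
        if host in fields[0].split(","):
            types.add(fields[1])
    return types


def order_by_known(algs, known_types):
    """Stable reorder: algorithms whose key type is already known go first."""
    names = [a for a in algs.split(",") if a]
    have = [a for a in names if KEY_TYPE.get(a, a) in known_types]
    rest = [a for a in names if KEY_TYPE.get(a, a) not in known_types]
    return ",".join(have + rest)


def negotiate(client_algs, server_algs):
    """Simplified SSH rule: first entry in the client's list the server supports."""
    offered = set(server_algs.split(","))
    return next((a for a in client_algs.split(",") if a in offered), None)


if __name__ == "__main__":
    user_list = "ssh-ed25519,ecdsa-sha2-nistp256,rsa-sha2-512,ssh-rsa"  # user-limited list
    server = "rsa-sha2-512,ssh-rsa,ssh-ed25519"  # constructed server offer
    known = known_key_types(KNOWN_HOSTS, "host.example.com")
    print("unsorted:", negotiate(user_list, server))
    print("sorted:  ", negotiate(order_by_known(user_list, known), server))
```

With the unsorted list the client negotiates a key type it has never stored for the host, while the reordered list selects the RSA key already present in known_hosts.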