[Bug 2894] Set UpdateHostKeys for interactive sessions to 'ask' (or consider defaulting to 'yes')
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Fri Jan 11 22:35:54 AEDT 2019
https://bugzilla.mindrot.org/show_bug.cgi?id=2894
Colin Watson <cjwatson at debian.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |cjwatson at debian.org
--- Comment #1 from Colin Watson <cjwatson at debian.org> ---
I ran into this recently when trying to work out how we might do host
key rotation on a large SSH server. This is a code hosting site to
which you can push code over SSH, usable by anyone who's given us a
public key rather than limited to a single organisation, so we can't
mandate any particular client setup and the host key certificate
mechanisms don't really work all that well for us either.
Life would be a lot easier in this kind of environment if
UpdateHostKeys were on in some way by default. (We'd actually probably
need it to have been on by default for a few years, and something
similar to be in some other popular clients too, but you have to start
somewhere.)
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list