[Bug 1672] add local DNSSEC validation
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Mon Jul 10 17:03:47 AEST 2023
https://bugzilla.mindrot.org/show_bug.cgi?id=1672
--- Comment #8 from pva <peter.volkov at gmail.com> ---
What is the status of this patch? It looks like many people don't
realize that without a secure local resolver, SSHFP just hides security
under the carpet: instead of a clear one-time 'yes' it makes this 'yes'
unattended, yet it's still possible for mitm on local networks, for
example, by redirecting DNS and ssh traffic to attackers computer.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list