[Bug 1672] add local DNSSEC validation

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Jul 10 17:03:47 AEST 2023


https://bugzilla.mindrot.org/show_bug.cgi?id=1672

--- Comment #8 from pva <peter.volkov at gmail.com> ---
What is the status of this patch? It looks like many people don't
realize that without a secure local resolver, SSHFP just hides security
under the carpet: instead of a clear one-time 'yes' it makes this 'yes'
unattended, yet it's still possible for mitm on local networks, for
example, by redirecting DNS and ssh traffic to attackers computer.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list