[patch] SSH host keys in DNS
Wesley Griffin
wgriffin at tislabs.com
Tue Jul 10 01:32:46 EST 2001
I've made some changes to the 2.9p2 release code to add support for
using DNSSEC lookups to check host keys. I've also made the changes to
the OPENBSD_2_9 tree. Both patches are available at
ftp://ftp.tislabs.com/pub/fmeshd/ as
openssh.[portable,openbsd].patch.20010709
I'm really looking for testers at this time. Right now the lookups are
done using a getrrsetbyname() function that is part of the BIND9 lwres
API. I'm in the process of writing a similar standalone function for the
OpenBSD tree.
There is a README.DNSSEC file in the directory that has more details.
--
Wesley Griffin NAI Labs
wgriffin at tislabs.com 443.259.2388
More information about the openssh-unix-dev
mailing list