[Bug 112] Using host key fingerprint instead of "yes"
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Thu Feb 21 09:59:31 EST 2002
http://bugzilla.mindrot.org/show_bug.cgi?id=112
------- Additional Comments From djast at cs.toronto.edu 2002-02-21 09:59 -------
But the whole *point* of the patch is to cut and paste it--from a trusted
source. This would usually be "ssh-keygen -l", but it could also be the output
of another previous ssh session (run from a more trustworthy context).
Poisoning the format of the displayed fingerprint is an ugly approach; with all
due respect, the only argument for taking that tack is that it's easier to code
than designing it correctly (i.e., in such a manner that it doesn't spit out the
answer to the question it's asking.)
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-unix-dev
mailing list