[Bug 112] Using host key fingerprint instead of "yes"

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Feb 21 09:59:31 EST 2002


------- Additional Comments From djast at cs.toronto.edu  2002-02-21 09:59 -------
But the whole *point* of the patch is to cut and paste it--from a trusted
source.  This would usually be "ssh-keygen -l", but it could also be the output
of another previous ssh session (run from a more trustworthy context).

Poisoning the format of the displayed fingerprint is an ugly approach; with all
due respect, the only argument for taking that tack is that it's easier to code
than designing it correctly (i.e., in such a manner that it doesn't spit out the
answer to the question it's asking.)

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the openssh-unix-dev mailing list