X.509 support in ssh (revisited)
Damien Miller
djm at mindrot.org
Thu Jan 24 12:49:05 EST 2002
On Wed, 23 Jan 2002, Dan Kaminsky wrote:
> > > Okay... maybe someone has upgrade OpenSSH on the system and generated a
> > > new hostkey. How can you tell?
> >
> > well, there is no need to generate a new hostkey after an upgrade
> > of ssh. not even after an upgrade of the system.
>
> We really need a ./configure --with-upgrade to set all paths correctly such
> that this occurs more then one out of a hundred times.
OpenSSH's "make install" will never overwrite existing key files, I
can't see what more we can do than that.
-d
More information about the openssh-unix-dev
mailing list