[Bug 80] Host key conflict with two servers on one IP

Carson Gaspar carson at taltos.org
Sun Jan 27 08:05:34 EST 2002


> ------- Additional Comments From dan at doxpara.com  2002-01-26 10:54 -------

> We identify by destination, not by route.

OK, I have an idea, but I don't know, protocol-wise, if it's possible. Does 
the server send it's name before the client has to verify the key, or 
after? If before, ssh should look up the host key by the server's in-band 
name (similar to the HostAuth behaviour). This would actually map the key 
to the identity at layer 7, and avoid the layering violation of using layer 
3/4 data, or requiring the user to manually map things.

-- 
Carson Gaspar - carson at taltos.org
Queen Trapped in a Butch Body




More information about the openssh-unix-dev mailing list