Known hosts and dynamic IP addresses
Dan Kaminsky
dan at doxpara.com
Mon Jul 7 02:08:49 EST 2003
>Therefore, an option should be invented which allows to
>store the host key under the DNS name only.
>
>
Why are we storing IP addresses in known_hosts files anyway? It doesn't
appear to be universal -- SSH2 only, perhaps? -- and as Hadmut points
out, it's plainly wrong (IP != Identity, thus HostKeyAlias and the whole
existence of cryptographic authentication).
--Dan
More information about the openssh-unix-dev
mailing list