Known hosts and dynamic IP addresses
Darren Tucker
dtucker at zip.com.au
Mon Jul 7 07:36:47 EST 2003
Hadmut Danisch wrote:
> On Sun, Jul 06, 2003 at 08:38:54PM +0200, Thomas Binder wrote:
> > CheckHostIP no
>
> I urgently need to have the check performed, just with
> the dns name.
That's what "CheckHostIP no" does. What happened when you tried it?
$ man ssh_config
[snip]
CheckHostIP
If this flag is set to ``yes'', ssh will additionally
check the host IP address in the known_hosts file.
This allows ssh to detect if a host key changed due to
DNS spoofing. If the option is set to ``no'', the
check will not be executed. The default is ``yes''.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list