[PATCH] allow user to update changed key in known_hosts
Jirka Bohac
jbohac at jikos.cz
Sun Feb 5 23:54:19 EST 2006
Hi,
On Sun, Feb 05, 2006 at 02:22:02PM +0200, Roumen Petrov wrote:
> >I use ssh a lot and I often need to connect to hosts whose host key has
> >changed. If a host key of the remote host changes ssh terminates and the
> >user has to manually delete the offending host key from known_hosts.
>
> Use StrictHostKeyChecking=no for those hosts.
This is not what I want:

1) I want to be alerted that the remote host key has been changed and be
   able to accept it as the new key for the host. I don't want to see
   the warning each time I log in and learn to ignore it.
2) Even with StrictHostKeyChecking=no, I am not allowed to log in using a
   password, can't forward X etc.
> >I talked to other people and they also seemed to be bothered by this
> >behaviour
>
> Maybe people who don't read manual pages will bother others too?
Come on! I _did_ read the manpage and know what StrictHostKeyChecking
does. It's not what I want.
Even the author of the code probably thought similar functionality would
be good to have ... see the following comment from sshconnect.c
    /*
     * XXX Should permit the user to change to use the new id.
     * This could be done by converting the host key to an
     * identifying sentence, tell that the host identifies itself
     * by that sentence, and ask the user if he/she whishes to
     * accept the authentication.
     */
I am willing to finish what the author intended, because I really miss
the functionality. I'd just like to hear constructive suggestions.
Regards,
Jirka