Hostbased login based on SSHFP DNS records?
Dominik Epple
Dominik.Epple at gmx.de
Sat Oct 18 01:33:34 EST 2008
Hi,
is it possible to use SSHFP DNS records to enable password-free host-based login?
What I already got working is to use SSHFP DNS records to verify the server host keys.
debug1: found 2 secure fingerprints in DNS
debug1: matching host key fingerprint found in DNS
But hostbased login does not work and I still need to supply a password to log in. (Or to configure a known_hosts file on the server where my host key can be checked. But it is exactly this file that I want to get rid of because keeping this file up to date on a large cluster is a pain.)
Or is this impossible by design because only fingerprints are stored in SSHFP records, and not the public keys themselves?
Regards,
Dominik
--
GMX Kostenlose Spiele: Einfach online spielen und Spaß haben mit Pastry Passion!
http://games.entertainment.gmx.net/de/entertainment/games/free/puzzle/6169196
More information about the openssh-unix-dev
mailing list