ECDSA and first connection; bug?

TJ Saunders tj at castaglia.org
Tue Jan 25 09:40:50 EST 2011


> I'd like to do a protocol message for a server to send all its hostkeys 
> to the client, but this would require a KEX extension and I'm not sure 
> how compatible this would be with non-OpenSSH implementations.

What about supporting the publickey subsystem:

  http://tools.ietf.org/html/draft-ietf-secsh-publickey-subsystem-08

and adding a message for requesting the hostkeys using that protocol?  
That draft specifically states:

   The public keys added, removed, and listed using this protocol are
   specific and limited to those of the authenticated user.

But the protocol could be extended to allow for polling of the server's 
hostkeys.

TJ

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   Thus I live in the world rather as a spectator of mankind than
   as one of the species.

        -Joseph Addison

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


More information about the openssh-unix-dev mailing list