[PATCH] hostfile: list known names (if any) for new hostkeys
Heberlein, Kurt William
kurt.w.heberlein at hp.com
Fri Nov 8 08:09:50 EST 2013
Doesn't this play in the same space as StrictHostKeyChecking ? Doesn't it also sort of expose MITM if a known hostkey arrives from a different IP/named host?
Cheers, -Kurt
-----Original Message-----
From: openssh-unix-dev-bounces+kurt.w.heberlein=hp.com at mindrot.org [mailto:openssh-unix-dev-bounces+kurt.w.heberlein=hp.com at mindrot.org] On Behalf Of Oskari Saarenmaa
Sent: Thursday, November 07, 2013 2:48 PM
To: openssh-unix-dev at mindrot.org
Subject: Re: [PATCH] hostfile: list known names (if any) for new hostkeys
27.12.2012 17:15, Oskari Saarenmaa kirjoitti:
> When connecting to a host for which there's no known hostkey, check if the
> relevant key has been accepted for other hostnames. This is useful when
> connecting to a host with a dymamic IP address or multiple names.
Ping, anyone had a chance to look at this patch yet? I've also attached
it to bugzilla,
https://bugzilla.mindrot.org/show_bug.cgi?id=2131
Thanks,
Oskari
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev at mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
More information about the openssh-unix-dev
mailing list