Permanently added hostkeys (due to IP address pool), without confirmation
Steffen Nurpmeso
sdaoden at yandex.com
Sat Oct 10 22:22:36 AEDT 2015
Damien Miller <djm at mindrot.org> wrote:
|On Fri, 9 Oct 2015, Steffen Nurpmeso wrote:
|You have CheckHostIP enabled (it is on by default) and some DNS server
|or hosts file is returning 104.46.105.89 for that hostname. When ssh
|connects to 104.46.105.89, it is offering the same key as you have
|already learned for 52.21.36.51, so it is automatically added to
|known_hosts.
|
|See ssh_config's entry on CheckHostIP for a few more details.
Yes (through default). Ok that explains the missing confirmation.
It's pretty clear from the manual, thank you.
--steffen
More information about the openssh-unix-dev
mailing list