Possible bug: SSH doesn't prefer host keys listed in SSHFP records while connecting.

Yegor Ievlev koops1997 at gmail.com
Sun Feb 24 06:23:45 AEDT 2019


Well, known_hosts isn't exactly trusted input, since it's usually
composed of the keys you first encounter, without any additional
checking, as opposed to (hopefully) correctly signed SSHFP records.

On Sat, Feb 23, 2019 at 10:22 PM Peter Stuge <peter at stuge.se> wrote:
>
> Yegor Ievlev wrote:
> > > I think it's a very bad idea to have the client start treating foreign
> > > network input as equivalent to local configuration.
> >
> > Well, SSHFP is supposed to only be used on DNSSEC-enabled domains.
>
> To the client it's still foreign input, even though it's signed by
> (best case) the remote site DNS administrator.
>
>
> //Peter
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


More information about the openssh-unix-dev mailing list