Call for testing: OpenSSH 8.2
Phil Pennock
phil.pennock at globnix.org
Thu Feb 6 15:37:36 AEDT 2020
On 2020-02-06 at 10:29 +1100, Damien Miller wrote:
> * sshd(8): allow the UpdateHostKeys feature to function when
> multiple known_hosts files are in use. When updating host keys,
> ssh will now search subsequent known_hosts files, but will add
> updated host keys to the first specified file only. bz2738

In testing this, when the impact is to _remove_ a known_hosts entry then
all the existing entries are deleted from the subsequent files, and the
remaining entries are added to the first file.

I initially assumed, on reading the email, that the logic was to not
assume that subsequent files are writable, but it seems that's not it.
Is this just a corner case that wasn't considered?

For myself I can live with this, as it fits my workflow:
~/.ssh/known_hosts is a small file of cruft and staging entries, and a
second file is in a shared git repo, so I usually migrate entries
manually.

-Phil