Call for testing: OpenSSH 8.2

Damien Miller djm at mindrot.org
Tue Feb 11 09:52:53 AEDT 2020


On Mon, 10 Feb 2020, Aham Brahmasmi wrote:

> Firstly, thank you for switching back the default of UpdateHostKeys to
> no.
> 
> Secondly, I (n=1) think that UpdateHostKeys can be set to yes (or ask)
> by volks who wish to perform key rotation using ssh.
> 
> However, switching it to yes (or ask) for everyone in future may not be
> desirable. I say this because I think that the ssh client should only
> read from the configuration. Updates to known_hosts could happen outside
> the ssh system.

That's not true though - ssh will update known_hosts with new keys
already (subject to confirmation) and will automatically add IP addresses
it learns for existing hostnames (without confirmation under default
conditions).

> I am aware of the trust-on-first-use scenario where the client first
> gets user confirmation about the server key and then writes it to
> known_hosts.
> 
> But I am unable to understand why it should also switch the underlying
> host keys by default (in future). I may be wrong here, but in my mind,
> that seems like auto-magic.

The problem we're trying to solve is being able to move to better
cryptography over time. If you learnt a ssh-dss key back in 2002, but
the server offers a ssh-ed25519 key in 2020 then we should definitely
use the latter.

So my plan is to fix the remaining corner cases in UpdateHostkeys
and try to enable UpdateHostkeys=yes for cases where the user has not
overridden known_hosts after openssh-8.2 has been released.

-d



More information about the openssh-unix-dev mailing list