Please help test recent changes
Anton Khirnov
anton at khirnov.net
Mon Jan 17 19:22:09 AEDT 2022
Quoting Damien Miller (2022-01-06 23:52:09)
> 2. Restricted agent keys.
>
> This is a large set of changes to add destination- and path-restricted
> keys to ssh-agent. A full writeup is at on the website at
> https://www.openssh.com/agent-restrict.html - I'm interested to hear
> feedback on how this works in practice, UI and things that could be
> improved (as well as bug reports).
Can this be made to work when SSHFP host verification is used
(VerifyHostKeyDNS=yes) rather than known_hosts?
Otherwise this is great news - I've largely replaced my old key with a
FIDO token and one of the annoyances is the confirmation window not
telling me which host is it for.
--
Anton Khirnov
More information about the openssh-unix-dev
mailing list