[Bug 2924] New: Order a limited host keys list in client based on the known hosts

bugzilla-daemon at bugzilla.mindrot.org
Thu Nov 1 23:55:03 AEDT 2018


https://bugzilla.mindrot.org/show_bug.cgi?id=2924

            Bug ID: 2924
           Summary: Order a limited host keys list in client based on the
                    known hosts
           Product: Portable OpenSSH
           Version: 7.7p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Keywords: patch
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: jjelen at redhat.com

Created attachment 3198
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3198&action=edit
possibility to order host keys in client

The HostKeyAlgorithms option in the client differs from all the other
algorithm-limiting options in that it should be sorted according to
the list of known hosts available. This works fine out of the box with
the default negotiated list, but when one tries to limit (or extend) the
algorithm list to something other than the default, the ordering is
turned off and one can simply hit "hostkey changed", even though it did
not change at all (only a different one is offered for a connection).

Attached is a proposed patch to implement a new configuration option,
HostKeyAlgorithmsOrder, which will also turn on sorting of the
user-provided list of host keys.

Another possibility to resolve this problem would be to introduce
another configuration option, HostKeyAlgorithmsAllow or similar, which
would have these semantics (it would be ordered before the algorithm
negotiation).



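The ordering the report asks for, sketched as an added example (not the
attached patch and not OpenSSH code): a user-supplied HostKeyAlgorithms
list is reordered so that algorithms matching a key type already stored in
known_hosts are offered first. The function names, the sample file content
and the RSA mapping are assumptions of this example.

```python
import base64, hashlib, hmac

# Constructed sample known_hosts content; the key blobs are placeholders, not real keys.
SAMPLE_KNOWN_HOSTS = """\
# constructed sample
host.example,192.0.2.10 ssh-ed25519 CONSTRUCTEDBLOB1
other.example ssh-rsa CONSTRUCTEDBLOB2
"""

# Simplifying assumption of this example: an ssh-rsa key in known_hosts also
# satisfies the rsa-sha2-* signature algorithms (same key format, RFC 8332).
SIG_ALGS = {"ssh-rsa": {"rsa-sha2-512", "rsa-sha2-256", "ssh-rsa"}}

def host_matches(field, host):
    """Match a known_hosts host field: hashed (|1|salt|hash) or a plain comma list."""
    if field.startswith("|1|"):
        _, _, salt, digest = field.split("|")
        mac = hmac.new(base64.b64decode(salt), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(digest))
    return host in field.split(",")  # wildcard and negated patterns are not handled

def known_key_types(known_hosts_text, host):
    """Return the set of key types recorded for `host`."""
    types = set()
    for line in known_hosts_text.splitlines():
        fields = line.split()
        # Skip blanks, comments and @cert-authority/@revoked marker lines.
        if len(fields) < 3 or fields[0][0] in "#@":
            continue
        if host_matches(fields[0], host):
            types.add(fields[1])
    return types

def order_hostkey_algs(user_list, known_hosts_text, host):
    """Stable reorder: algorithms with an already-known key first, the rest after."""
    usable = set()
    for key_type in known_key_types(known_hosts_text, host):
        usable |= SIG_ALGS.get(key_type, {key_type})
    algs = user_list.split(",")
    first = [a for a in algs if a in usable]
    rest = [a for a in algs if a not in usable]
    return ",".join(first + rest)

if __name__ == "__main__":
    print(order_hostkey_algs("ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519",
                             SAMPLE_KNOWN_HOSTS, "host.example"))
```

Without the reordering, the first algorithm in the user's list that the
server supports is negotiated, and the client compares a key of a type it
has never stored against known_hosts.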