[Bug 2924] Order a limited host keys list in client based on the known hosts

bugzilla-daemon at bugzilla.mindrot.org
Mon Jan 27 23:33:38 AEDT 2020


https://bugzilla.mindrot.org/show_bug.cgi?id=2924

--- Comment #5 from Jakub Jelen <jjelen at redhat.com> ---
Right. After the first successful authentication, the client will learn
all the server host keys and we should be able to validate whatever key
the server provides according to our preference.

But getting over the first connection can still be a problem and it is hard
to guess how long it can take to make sure the users already connected
at least once to the particular host to be safe to roll out this
change.

Therefore I see the UpdateHostKeys as a good addition, but the attached
patch would still significantly simplify the migration path and
decrease user frustration when dealing with failed host key checking.
