Host verification problem
Hadmut Danisch
hadmut at danisch.de
Mon May 16 21:01:02 EST 2005
On Mon, May 16, 2005 at 01:32:18PM +1000, Damien Miller wrote:
>
> If you care enough to write rants at the developers, then you should
> care enough to test the patch attached to the bug.
>
> >And by the way: A reverse lookup (unknown IP but host key found in the
> >list) wouldn't be that bad for dynamically assigned IP addresses (e.g.
> >ppp, dhcp).
>
> reverse dns can lie.
And you should read what I write before critizing it. I didn't write
anything about *DNS*. I was talking about host keys.
If you connect to an IP address not known in the host file yet,
ssh could look in the list of known host keys whether the key is
known and give the user the name of the machine instead of just a
hex string. What does this have to do with DNS?
Hadmut
More information about the openssh-unix-dev
mailing list