Client-side public key causing mess
Damien Miller
djm at mindrot.org
Sat Apr 23 10:39:50 AEST 2016
On Fri, 22 Apr 2016, Mauricio Tavares wrote:
> > ssh uses the public key to avoid loading or decrypting the private
> > key for cases were it isn't necessary. We should improve the handling
> > of cases where they don't match.
> >
> But if it does not have the public key whose name matches the
> private key being used, it will still work, right? If that is the case
> I too think it should handle non-matching key pairs better. i.e.
> ignore behave as if there was just a private key there (which is how I
> use it). Or let user decide if it should warn, ignore completely, or
> quit.
Having a mismatched private and public key is an invalid configuration.
We don't need to implement complicated recovery logic for it, we can
just tell the user and they can fix it themself (or not).
-d
More information about the openssh-unix-dev
mailing list