Possible bug: SSH doesn't prefer host keys listed in SSHFP records while connecting.

Yegor Ievlev koops1997 at gmail.com
Sat Feb 23 07:17:57 AEDT 2019


Steps to reproduce:
1. Run a SSH server with default configuration and point a domain to it.
2. Add SSHFP record to the domain, but only for Ed25519 key.
3. Attempt to connect with VerifyHostKeyDNS set to yes, but the rest
of settings set to defaults.
4. OpenSSH defaults to ECDSA instead of Ed25519 and refuses connection
because there is no ECDSA fingerprint in SSHFP records.

A stopgap solution is to either delete all keys except Ed25519 from
the server or to always connect with HostKeyAlgorithms set to
ssh-ed25519. It would make more sense to treat SSHFP records in the
same way as known_hosts, e.g. if known_hosts already has a Ed25519
key, try to fetch a Ed25519 key instead of defaulting to ECDSA.


More information about the openssh-unix-dev mailing list