Possible bug: SSH doesn't prefer host keys listed in SSHFP records while connecting.

Christoph Anton Mitterer calestyo at scientia.net
Mon Feb 25 11:51:16 AEDT 2019


On Sat, 2019-02-23 at 22:23 +0300, Yegor Ievlev wrote:
> Well, known_hosts isn't exactly trusted input, since it's usually
> composed of the keys you first encounter
If someone accepts keys without checking them, he cannot be helped.


>  without any additional
> checking, as opposed to (hopefully) correctly signed SSHFP records.
In fact, SSHFP is far less trustworthy, than properly exchanged host
keys (respectively fingerprints).

Anyone in the tree of the DNS down to the domain with your SSHFP RR has
the potential power to forge such RR.


C.



More information about the openssh-unix-dev mailing list