[prev in list] [next in list] [prev in thread] [next in thread]
List: openssh-bugs
Subject: [Bug 2894] New: Set UpdateHostKeys for interactive sessions to 'ask' (or consider defaulting to 'yes
From: bugzilla-daemon () bugzilla ! mindrot ! org
Date: 2018-08-11 12:08:05
Message-ID: bug-2894-705 () https ! bugzilla ! mindrot ! org/
[Download RAW message or body]
https://bugzilla.mindrot.org/show_bug.cgi?id=2894
Bug ID: 2894
Summary: Set UpdateHostKeys for interactive sessions to 'ask'
(or consider defaulting to 'yes')
Product: Portable OpenSSH
Version: 7.7p1
Hardware: Other
OS: Other
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs@mindrot.org
Reporter: db+mindrot@d1b.org
Set UpdateHostKeys for interactive invocations of ssh client to 'ask'
by default.
( Related this request, I notice that Fabric,
http://docs.fabfile.org/en/1.14/usage/ssh.html, defaults to loading and
using the known_hosts file **but** reject_unknown_hosts defaults to
false (so hosts that have never "been seen" are allowed) this combined
with Fabric seemingly preferring an rsa host key while I had an ecdsa
host key for $host would have allowed MITM attacks. )
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic