https://bugzilla.mindrot.org/show_bug.cgi?id=3826
Bug ID: 3826
Summary: add all of the remote's keys to .known_hosts
Product: Portable OpenSSH
Version: 10.0p2
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: [email protected]
Reporter: [email protected]
Whenever the remote host changes the order in which it offers host
keys, the user gets the warning about a possible man-in-the-middle
attack. This could be avoided if 'ssh' added ALL of the remote's keys
at once, whenever someone types "yes", instead of assuming that only
one key can authenticate the remote correctly. Once this has been
implemented, 'ssh' could warn if any of the known keys no longer is
valid and offer to remove it.
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
