http://bugzilla.mindrot.org/show_bug.cgi?id=910
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #954 is|0 |1
obsolete| |
Attachment #1052 is|0 |1
obsolete| |
Attachment #1073 is|0 |1
obsolete| |
------- Comment #40 from dtucker at zip.com.au 2006-05-06 14:31 -------
Created an attachment (id=1131)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1131&action=view)
Update patch #1073.
Updated the patch to OpenBSD-current. Simplified put_host_port by
using asprintf again (we now have it in Portable's libopenbsd-compat
for platforms that don't have a native one).
BTW we're not using the method in patch #1052 ("ip:host"
unconditionally) because it will invalidate all existing known_hosts
files (see comment #15).
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=910
------- Comment #41 from dtucker at zip.com.au 2006-05-06 14:50 -------
Created an attachment (id=1132)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1132&action=view)
Patch #1073 with fallback.
This is essentially the same as patch #1131, except that it also checks
for a matching hostkey without the port identifier.
Currently, if you have something like this in ssh_config:
Host foo
Hostname foo.example.com
Port 222
then you will have an entry like this in ssh_config:
foo.example.com ssh-rsa AAAA[...]
With patch #1131, this will no longer match since it's a non-default
port. This patch adds a second check for this condition, so the key
verification doesn't fail.
Note that this only occurs when a) you *do* use a non-default port and
b) you *don't* use a HostKeyAlias, so unless both of these are true
patch #1131 will behave the same as you're used to.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.