bugzilla-daemon at bugzilla.mindrot.org
2015-Oct-23 03:23 UTC
[Bug 1777] KnownHostsCommand
https://bugzilla.mindrot.org/show_bug.cgi?id=1777
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
--- Comment #3 from Damien Miller <djm at mindrot.org> ---
This is possible to do, but without some significant changes is likely
to be fairly inefficient.
ssh reads known_hosts a couple of times during connection. At least
once to figure out what host key algorithms are in use, then again to
verify the hostkey sent and (optionally) a couple of times to deal with
UpdateHostkeys messages from the server.
This could result in the KnownHostsCommand being run a bunch of times
and, unless it was very efficient, could make ssh pretty slow.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
Seemingly Similar Threads
- [Bug 1777] KnownHostsCommand
- [Bug 2631] New: Hostkey update and rotation - No IP entries added to known_hosts
- client host certificates and receiving host configuration
- [Bug 3643] New: order_hostkeyalgs can't find host-key in KnownHostsCommand if it contains port
- Call for testing: OpenSSH 6.8
Wisdom of the Ancients
