hi, I recently committed an update of the code that handles lookup of SSHFP resource records in DNS. this code is now included by default, the old DNS and DNSSEC defines has been removed. for more information, read about VerifyHostKeyDNS in ssh_config(5) and check out README.dns. feedback would be appreciated, jakob
Possibly Parallel Threads
- Small issue with DNSSEC / SSHFP
- Possible bug: SSH doesn't prefer host keys listed in SSHFP records while connecting.
- feature request: modify getrrsetbyname() to use libunbound
- Possible bug: SSH doesn't prefer host keys listed in SSHFP records while connecting.
- [Bug 2022] New: ssh segfaults when using ldns, SSHFP, a DNSSEC-enabled resolver and a CNAME
Wisdom of the Ancients
