Displaying 5 results from an estimated 5 matches for "check_host_ip".
2006 Feb 04
2
[PATCH] allow user to update changed key in known_hosts
...+454,10 @@
*intptr = value;
break;
+ case oOffendingKeyOverride:
+ intptr = &options->offending_key_override;
+ goto parse_flag;
+
case oCompression:
intptr = &options->compression;
goto parse_flag;
@@ -979,6 +985,7 @@
options->batch_mode = -1;
options->check_host_ip = -1;
options->strict_host_key_checking = -1;
+ options->offending_key_override = -1;
options->compression = -1;
options->tcp_keep_alive = -1;
options->compression_level = -1;
@@ -1073,6 +1080,8 @@
options->check_host_ip = 1;
if (options->strict_host_key_checking =...
2003 Mar 04
0
hashing known_hosts
...quot;, oClearAllForwardings },
{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },
+#ifdef HASH_KNOWN_HOSTS
+ { "hashknownhosts", oHashKnownHosts },
+#endif
{ NULL, oBadOption }
};
@@ -380,6 +386,12 @@ parse_flag:
intptr = &options->check_host_ip;
goto parse_flag;
+#ifdef HASH_KNOWN_HOSTS
+ case oHashKnownHosts:
+ intptr = &options->hash_known_hosts;
+ goto parse_flag;
+#endif
+
case oStrictHostKeyChecking:
intptr = &options->strict_host_key_checking;
arg = strdelim(&s);
@@...
2002 Feb 13
0
[Bug 112] New: Using host key fingerprint instead of "yes"
...s key fingerprint is %s.\n"
"Are you sure you want to continue connecting "
"(yes/no)? ", host, ip, type, fp);
- xfree(fp);
- if (!confirm(prompt)) {
+ if (!confirm(prompt, fp)) {
+ xfree(fp);
goto fail;
}
+ xfree(fp);
}
if (options.check_host_ip && ip_status == HOST_NEW) {
snprintf(hostline, sizeof(hostline), "%s,%s", host, ip);
@@ -815,7 +818,7 @@
goto fail;
} else if (options.strict_host_key_checking == 2) {
if (!confirm("Are you sure you want "
- "to continue connecting (yes/no)? &q...
2015 Feb 19
2
Proposal: Allow HostKeyAlias to be used in hostname check against certificate principal.
Howdy --
I have a number of servers with host keys validated by certificates.
These systems are behind a load-balanced frontend, and the
certificates are signed as valid for the DNS name used by that common
frontend address.
This works well for the primary use case of the systems; however, when
wishing to address only a single unit within the pool, the certificate
cannot be used to validate that
2012 Dec 27
3
[PATCH] hostfile: list known names (if any) for new hostkeys
...;
+ load_hostkeys(host_hostkeys, host, NULL, user_hostfiles[i]);
for (i = 0; i < num_system_hostfiles; i++)
- load_hostkeys(host_hostkeys, host, system_hostfiles[i]);
+ load_hostkeys(host_hostkeys, host, NULL, system_hostfiles[i]);
ip_hostkeys = NULL;
if (!want_cert && options.check_host_ip) {
ip_hostkeys = init_hostkeys();
for (i = 0; i < num_user_hostfiles; i++)
- load_hostkeys(ip_hostkeys, ip, user_hostfiles[i]);
+ load_hostkeys(ip_hostkeys, ip, NULL, user_hostfiles[i]);
for (i = 0; i < num_system_hostfiles; i++)
- load_hostkeys(ip_hostkeys, ip, system_hostfile...