Displaying 2 results from an estimated 2 matches for "phicoh".
Did you mean:
hicom
2018 Jan 11
3
sshfp/ldns still having issues in 7.6
> I replaced the ldns code with getdns. Works fine for more than a year now.
>
I am interested in how you did that. Would you mind sharing your procedure?
> I don't think anybody cares. I tried to tell people. But that had no
> effect.
>
There certainly is not as much talk about it as I would expect there to be.
2015 Jun 22
2
Small issue with DNSSEC / SSHFP
...plays a confusing
message to the user. When DNSSEC validation of a SSHFP record fails, ssh
presents the user with
"Matching host key fingerprint found in DNS.
"Are you sure you want to continue connecting (yes/no)?
(For example
$ ./ssh -o 'VerifyHostKeyDNS True' fx.dnssec-broken.phicoh.nl
Which has an intentionally broken DNSSEC delegation)
I propose to change that to:
"The DNS lookup was not secure, however a matching host key fingerprint was found in DNS."
This should make it clear to anyone who relies on DNSSEC that something went
wrong. A patch is at the end of th...