[ https://issues.apache.org/jira/browse/SSHD-1255?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17542152#comment-17542152 ]
Thomas Wolf commented on SSHD-1255: ----------------------------------- {quote}(I suppose if the last host key was not an RSA key, the assumption is that the server will not offer an RSA key in key rotation.){quote} Heh. Apparently other people noticed that too, and it got fixed: https://bugzilla.mindrot.org/show_bug.cgi?id=3375 So the rule now is that the strongest RSA signature the client had proposed is used, even if some other key type was negotiated in KEX. > Support host key update and rotation in the client > -------------------------------------------------- > > Key: SSHD-1255 > URL: https://issues.apache.org/jira/browse/SSHD-1255 > Project: MINA SSHD > Issue Type: Improvement > Affects Versions: 2.8.0 > Reporter: Thomas Wolf > Priority: Major > > Add support for the {{hostkeys...@openssh.com}} and > {{hostkeys-prove...@openssh.com}} KEX extensions, including updating > {{known_hosts}}. > See https://github.com/openssh/openssh-portable/blob/807be6868/PROTOCOL#L286 . -- This message was sent by Atlassian Jira (v8.20.7#820007) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org