-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi, Dag-Erling,
Here is a patch from OpenBSD which makes ssh-keyscan to fetch ECDSA keys by default, to match the default hostkey algorithm. Cheers, - -- Xin LI <[email protected]> https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iQEcBAEBCAAGBQJP6KB6AAoJEG80Jeu8UPuz3ksIAJnPmcFBDE0Uc7wW7H9b2ug4 coILQXSBXlXZqHuGd6HqI7ghz3fthe8oKxvNkjhEcrngLGWi3UXIEEVHnJAtHJaT tzUwxLPK6bn2ZiIxTxjKEEmXhbyhlggSRDCLMXKsrrJYltL5VX6pM/jWACeBnegm xh38KZ7yh8AIAaFyZVGZcIbWd9Yw6DXc7gTt4ifVQ537TdFnMlowuqxT/g27tZaq /fbEozwCTXCpBNqkhLyROF7pNqEHvdKbN6BeLf//7gnOuof2h5VDElf9Lacnek92 kRPSw/gboPo6UEEZ1OdGjecUnBlePYxpxIs6np4hDWaniR4VNq+DczIcmTDSnO4= =OzCc -----END PGP SIGNATURE-----
Index: crypto/openssh/ssh-keyscan.c =================================================================== --- crypto/openssh/ssh-keyscan.c (revision 237520) +++ crypto/openssh/ssh-keyscan.c (working copy) @@ -57,7 +57,7 @@ int ssh_port = SSH_DEFAULT_PORT; #define KT_RSA 4 #define KT_ECDSA 8 -int get_keytypes = KT_RSA; /* Get only RSA keys by default */ +int get_keytypes = KT_RSA|KT_ECDSA;/* Get RSA and ECDSA keys by default */ int hash_hosts = 0; /* Hash hostname on output */
_______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
