https://bugzilla.mindrot.org/show_bug.cgi?id=2924
--- Comment #5 from Jakub Jelen <[email protected]> --- Right. After the first successful authentication, the client will learn all the server host keys and we should be able to validate whatever key server provides according to our preference. But getting over the first connection can still problem and it is hard to guess how long it can take to make sure the users already connected at least once to the particular host to be safe to roll out this change. Therefore I see the UpdateHostKeys as a good addition, but the attached patch would still significantly simplify the migration path and decrease user frustration when dealing with failed host key checking. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
