https://bugzilla.mindrot.org/show_bug.cgi?id=3157
--- Comment #3 from Paul Kapp <[email protected]> --- Yes, this patch does happen to fix the particular case, but not the general case. From my example, my test server had an ed25519 host key signed by an ed25519 CA, and the client did include a request for host key/cert of type [email protected]. The remote host may have a certificate of type [email protected] signed by that same ed25519 CA, which would also be acceptable. If the remote host had only that cert available, the host validation would fail, since the client does not include [email protected] in its priority list. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
