https://bugzilla.mindrot.org/show_bug.cgi?id=3881
Darren Tucker <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #1 from Darren Tucker <[email protected]> --- (In reply to Dan Jacobson from comment #0) [...] > To resolve this, you just need to refresh the stored host key on your > computer. Run the command ssh-keygen -R jidanni.org to remove the > outdated key, then connect again with ssh -vv jidanni.org and accept the > new ED25519 key when prompted. That's not particularly good advice: when you reconnect the first time after deleting the host key you are vulnerable to a MITM attack. They should at least provide a secure method of verifying the new host key, or... $ telnet jidanni.org 22 Trying 69.163.177.88... Connected to jidanni.org. Escape character is '^]'. SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.13 That version has the UpdateHostKeys option (it was introduced[0] in 8.6) that allows the client to learn new host keys in a secure manner. Since this didn't happen presumably it's disabled in either the client or server? [0] https://www.openssh.com/releasenotes.html#8.6 -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
