https://bugzilla.mindrot.org/show_bug.cgi?id=2894
Bug ID: 2894 Summary: Set UpdateHostKeys for interactive sessions to 'ask' (or consider defaulting to 'yes') Product: Portable OpenSSH Version: 7.7p1 Hardware: Other OS: Other Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-b...@mindrot.org Reporter: db+mind...@d1b.org Set UpdateHostKeys for interactive invocations of ssh client to 'ask' by default. ( Related this request, I notice that Fabric, http://docs.fabfile.org/en/1.14/usage/ssh.html, defaults to loading and using the known_hosts file **but** reject_unknown_hosts defaults to false (so hosts that have never "been seen" are allowed) this combined with Fabric seemingly preferring an rsa host key while I had an ecdsa host key for $host would have allowed MITM attacks. ) -- You are receiving this mail because: You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs