upstream commit

turn UpdateHostkeys off by default until I figure out
 mlarkin@'s warning message; requested by deraadt@
djm@openbsd.org 2015-02-02 07:41:40 +00:00 committed by Damien Miller
parent 3cd5103c1e
commit 15ad750e5e
2 changed files with 6 additions and 6 deletions

@ -1,4 +1,4 @@
/* $OpenBSD: readconf.c,v 1.230 2015/01/30 11:43:14 djm Exp $ */
/* $OpenBSD: readconf.c,v 1.231 2015/02/02 07:41:40 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -1855,7 +1855,7 @@ fill_default_options(Options * options)
if (options->fingerprint_hash == -1)
options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
if (options->update_hostkeys == -1)
options->update_hostkeys = 1;
options->update_hostkeys = 0;
if (options->hostbased_key_types == NULL)
options->hostbased_key_types = xstrdup("*");
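Review bot: The new default `options->update_hostkeys = 0;` in fill_default_options() has no comment, while the commit message says the option is off only until a warning message is figured out. A short comment above the assignment saying that the default is temporarily off, and why, would keep that intent visible in the code and make it obvious to the next person editing this block that the value is meant to return to 1.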

@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $OpenBSD: ssh_config.5,v 1.202 2015/01/30 11:43:14 djm Exp $
.Dd $Mdocdate: January 30 2015 $
.\" $OpenBSD: ssh_config.5,v 1.203 2015/02/02 07:41:40 djm Exp $
.Dd $Mdocdate: February 2 2015 $
.Dt SSH_CONFIG 5
.Os
.Sh NAME
@ -1511,9 +1511,9 @@ after authentication has completed and add them to
.Cm UserKnownHostsFile .
The argument must be
.Dq yes
(the default)
or
.Dq no .
.Dq no
(the default).
Enabling this option allows learning alternate hostkeys for a server
and supports graceful key rotation by allowing a server to send replacement
public keys before old ones are removed.
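Review bot: The paragraph after `.Dq no` / `(the default).` does not say that hostkey learning and graceful key rotation are now opt-in; it still only describes what enabling the option gains. Consider adding a sentence stating that, with the default at no, a client must set UpdateHostkeys to yes before a server's replacement keys are added to UserKnownHostsFile, so administrators planning a key rotation know that clients on the default setting will not pick up the new keys this way.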