cvs commit: src UPDATING

Bjoern A. Zeeb bzeeb-lists at
Wed Sep 3 01:01:11 UTC 2008

On Mon, 1 Sep 2008, Dag-Erling Smorgrav wrote:


> des         2008-09-01 23:50:56 UTC
>  FreeBSD src repository
>  Modified files:
>    .                    UPDATING
>  Log:
>  SVN rev 182662 on 2008-09-01 23:50:56Z by des
>  Belatedly add a notice about the reversed order of preference for OpenSSH
>  authentication keys.

So I had an updated ssh client in use since at least Aug 22 and it
didn't bother me to ask about any remote machines.

Now that people are updating their 7-STABLE machines, those 7-STABLE
machines with an OpenSSH 5.1p1 start to pop up and do the DSA vs. RSA
fingerprint dance for the host keys (at least until I added this to
line 1 of my ~/.ssh/config as hinted with this UPDATING entry:
 	HostKeyAlgorithms ssh-dss,ssh-rsa

To my understanding this should have happened 10 days ago to me.
I wonder why the peer needs to be updated as well for this?

Is this because sshds up to now only advertised dss (also on stable)
and with the update to 5.1p1 start to advertise rsa,dss and with the
updated client rsa matches?

In that case that would mean that stable users would see that as well?
Or at least STABLE sshds would behave different on new clients?
That could potentially break auto-pilot setups for people on the
stable branch?

/bz, highly confused (and tired)

Bjoern A. Zeeb              Stop bit received. Insert coin for new game.

More information about the cvs-all mailing list