cvs commit: src UPDATING
Bjoern A. Zeeb
bzeeb-lists at lists.zabbadoz.net
Wed Sep 3 09:50:08 UTC 2008
On Wed, 3 Sep 2008, Dag-Erling Smørgrav wrote:
Hi,
> "Bjoern A. Zeeb" <bzeeb-lists at lists.zabbadoz.net> writes:
>> So I had an updated ssh client in use since at least Aug 22 and it
>> didn't bother me to ask about any remote machines.
>>
>> Now that people are updating their 7-STABLE machines, those 7-STABLE
>> machines with an OpenSSH 5.1p1 start to pop up and do the DSA vs. RSA
>> fingerprint dance for the host keys (at least until I added this to
>> line 1 of my ~/.ssh/config as hinted with this UPDATING entry:
>> HostKeyAlgorithms ssh-dss,ssh-rsa
>> ).
>>
>> To my understanding this should have happened 10 days ago to me.
>> I wonder why the peer needs to be updated as well for this?
>
> Because older servers don't have RSA keys (or rather, they don't load
> them). Instead of just inverting the order, whoever decided that we
> should prefer DSA to RSA (before my time) just removed the two lines of
> code that load the RSA key.
>
> 8 will load both RSA and DSA keys, as intended. So will 7, but that was
> actually a mis-merge on my part. I will revert it as soon as I get
> re@'s approval.
Ah, makes much more sense now. Thanks for explaining (and fixing in 7:)
/bz
--
Bjoern A. Zeeb Stop bit received. Insert coin for new game.
More information about the cvs-src
mailing list