Home
last modified time | relevance | path

Searched hist:"83 c6a5242c80160fff76fb85454938761645b0c4" (Results 1 – 4 of 4) sorted by relevance

/freebsd/crypto/openssh/
H A Dssh_configdiff 41ff5ea22cb95deb9e7415510eb2f5f00b91537a Fri Feb 17 02:26:41 CET 2023 Ed Maste <emaste@FreeBSD.org> ssh: default VerifyHostKeyDNS to no, following upstream

Revert to upstream's default. Using VerifyHostKeyDNS may depend on a
trusted nameserver and network path.

This reverts commit 83c6a5242c80160fff76fb85454938761645b0c4.

Reported by: David Leadbeater, G-Research
Reviewed by: gordon
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D38648
diff 83c6a5242c80160fff76fb85454938761645b0c4 Wed Sep 11 00:30:22 CEST 2013 Dag-Erling Smørgrav <des@FreeBSD.org> Change the default value of VerifyHostKeyDNS to "yes" if compiled with
LDNS. With that setting, OpenSSH will silently accept host keys that
match verified SSHFP records. If an SSHFP record exists but could not
be verified, OpenSSH will print a message and prompt the user as usual.

Approved by: re (blanket)
H A DFREEBSD-upgradediff 41ff5ea22cb95deb9e7415510eb2f5f00b91537a Fri Feb 17 02:26:41 CET 2023 Ed Maste <emaste@FreeBSD.org> ssh: default VerifyHostKeyDNS to no, following upstream

Revert to upstream's default. Using VerifyHostKeyDNS may depend on a
trusted nameserver and network path.

This reverts commit 83c6a5242c80160fff76fb85454938761645b0c4.

Reported by: David Leadbeater, G-Research
Reviewed by: gordon
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D38648
H A Dssh_config.5diff 41ff5ea22cb95deb9e7415510eb2f5f00b91537a Fri Feb 17 02:26:41 CET 2023 Ed Maste <emaste@FreeBSD.org> ssh: default VerifyHostKeyDNS to no, following upstream

Revert to upstream's default. Using VerifyHostKeyDNS may depend on a
trusted nameserver and network path.

This reverts commit 83c6a5242c80160fff76fb85454938761645b0c4.

Reported by: David Leadbeater, G-Research
Reviewed by: gordon
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D38648
diff 83c6a5242c80160fff76fb85454938761645b0c4 Wed Sep 11 00:30:22 CEST 2013 Dag-Erling Smørgrav <des@FreeBSD.org> Change the default value of VerifyHostKeyDNS to "yes" if compiled with
LDNS. With that setting, OpenSSH will silently accept host keys that
match verified SSHFP records. If an SSHFP record exists but could not
be verified, OpenSSH will print a message and prompt the user as usual.

Approved by: re (blanket)
H A Dreadconf.cdiff 41ff5ea22cb95deb9e7415510eb2f5f00b91537a Fri Feb 17 02:26:41 CET 2023 Ed Maste <emaste@FreeBSD.org> ssh: default VerifyHostKeyDNS to no, following upstream

Revert to upstream's default. Using VerifyHostKeyDNS may depend on a
trusted nameserver and network path.

This reverts commit 83c6a5242c80160fff76fb85454938761645b0c4.

Reported by: David Leadbeater, G-Research
Reviewed by: gordon
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D38648
diff 83c6a5242c80160fff76fb85454938761645b0c4 Wed Sep 11 00:30:22 CEST 2013 Dag-Erling Smørgrav <des@FreeBSD.org> Change the default value of VerifyHostKeyDNS to "yes" if compiled with
LDNS. With that setting, OpenSSH will silently accept host keys that
match verified SSHFP records. If an SSHFP record exists but could not
be verified, OpenSSH will print a message and prompt the user as usual.

Approved by: re (blanket)