Package: openssh-client
Version: 1:4.7p1-8
Severity: wishlist
Just an idea without having given it much thought:
if there are host key fingerprints in DNS, why not add
a configuration option to ssh_config so that I could say:
Host foo
HostKeyFingerprint 99:11:ed:30:03:41:ff:9f:f3:74:bd:7d:e1:8f:04:44
which would then cause even StrictHostKeyChecking to accept the host
key into .ssh/known_hosts if the fingerprint matched?
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.24-1+scoflowctrl.1-686 (SMP w/1 CPU core)
Locale: LANG=en_GB, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages openssh-client depends on:
ii adduser 3.107 add and remove users and groups
ii debconf [debconf-2.0] 1.5.21 Debian configuration management sy
ii dpkg 1.14.19 package maintenance system for Deb
ii libc6 2.7-11 GNU C Library: Shared libraries
ii libcomerr2 1.40.8-2 common error description library
ii libedit2 2.9.cvs.20050518-4 BSD editline and history libraries
ii libkrb53 1.6.dfsg.3-2 MIT Kerberos runtime libraries
ii libncurses5 5.6+20080503-1 Shared libraries for terminal hand
ii libssl0.9.8 0.9.8g-10 SSL shared libraries
ii passwd 1:4.1.1-1 change and administer password and
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
Versions of packages openssh-client recommends:
ii xauth 1:1.0.3-1 X authentication utility
-- no debconf information
--
.''`. martin f. krafft <madduck@debian.org>
: :' : proud Debian developer, author, administrator, and user
`. `'` http://people.debian.org/~madduck - http://debiansystem.info
`- Debian - when you have better things to do than fixing systems
Attachment:
digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/)