Rebuild of openssh in unstable for DNSSEC functionality
Hi,
using a DNSSEC authenticated SSHFP fingerprint to authenticate the
remote host (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572049)
does not work even in unstable at the moment, because eglibc 2.11
entered unstable only after the latest build of openssh and
RES_USE_DNSSEC was not defined in 2.10.
debug1: found 1 insecure fingerprints in DNS
debug1: matching host key fingerprint found in DNS
The authenticity of host 'proplay.mucip.net (2001:1608:12::297)' can't
be established.
RSA key fingerprint is 37:34:90:ce:38:1b:71:25:c9:0a:5a:f8:73:de:23:9d.
Matching host key fingerprint found in DNS.
Are you sure you want to continue connecting (yes/no)? ^C
Just rebuilding your 5.5p4 with a current squeeze fixes this
debug1: found 1 secure fingerprints in DNS
debug1: matching host key fingerprint found in DNS
debug1: ssh_rsa_verify: signature correct
Please consider rebuilding the package (by uploading a new version) if
you are not planning to do that in the near future anyway.
Thanks,
Bernhard
Reply to: