From c960286445eb68fac5bb495df021d0dcf22ec4de Mon Sep 17 00:00:00 2001
From: des
Date: Tue, 10 Sep 2013 22:30:22 +0000
Subject: Change the default value of VerifyHostKeyDNS to "yes" if compiled with LDNS.

With that setting, OpenSSH will silently accept host keys that match verified SSHFP records. If an SSHFP record exists but could not be verified, OpenSSH will print a message and prompt the user as usual.

Approved by: re (blanket)
---
 crypto/openssh/readconf.c   | 6 ++++++
 crypto/openssh/ssh_config   | 1 +
 crypto/openssh/ssh_config.5 | 5 ++++-
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/crypto/openssh/readconf.c b/crypto/openssh/readconf.c
index 2543d68..c99ea66 100644
--- a/crypto/openssh/readconf.c
+++ b/crypto/openssh/readconf.c
@@ -1435,8 +1435,14 @@ fill_default_options(Options * options)
 	options->enable_ssh_keysign = 0;
 	if (options->rekey_limit == -1)
 		options->rekey_limit = 0;
+#if HAVE_LDNS
+	if (options->verify_host_key_dns == -1)
+		/* automatically trust a verified SSHFP record */
+		options->verify_host_key_dns = 1;
+#else
 	if (options->verify_host_key_dns == -1)
 		options->verify_host_key_dns = 0;
+#endif
 	if (options->server_alive_interval == -1)
 		options->server_alive_interval = 0;
 	if (options->server_alive_count_max == -1)
diff --git a/crypto/openssh/ssh_config b/crypto/openssh/ssh_config
index 2917477..67b5d9f 100644
--- a/crypto/openssh/ssh_config
+++ b/crypto/openssh/ssh_config
@@ -46,4 +46,5 @@
 # PermitLocalCommand no
 # VisualHostKey no
 # ProxyCommand ssh -q -W %h:%p gateway.example.com
+# VerifyHostKeyDNS yes
 # VersionAddendum FreeBSD-20130515
diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5
index 4cbaee9..4521f40 100644
--- a/crypto/openssh/ssh_config.5
+++ b/crypto/openssh/ssh_config.5
@@ -1219,7 +1219,10 @@ The argument must be
 or
 .Dq ask .
 The default is
-.Dq no .
+.Dq yes
+if compiled with LDNS and
+.Dq no
+otherwise.
 Note that this option applies to protocol version 2 only.
 .Pp
 See also
-- 
cgit v1.1
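Review bot: The comment on the new LDNS branch understates what this default changes: a host key that matches a DNSSEC-validated SSHFP record is now accepted on first connection without the fingerprint prompt, so for such hosts trust rests on the resolver's DNSSEC validation (trust anchors and resolver configuration) rather than on the user, and that should be recorded at the site, e.g. `/* LDNS builds: accept a host key matching a DNSSEC-validated SSHFP record without prompting; a record that exists but does not validate still prompts (see ssh_config.5) */`. The `if (options->verify_host_key_dns == -1)` test is repeated in both arms of the `#if`; placing the `#if HAVE_LDNS` inside the `if` so that only the assigned value and its comment differ removes the duplication. HAVE_LDNS looks like a defined-or-undefined feature macro; if so, `#ifdef HAVE_LDNS` is the conventional test and avoids a `-Wundef` warning in builds where it is unset. fill_default_options starts and ends outside the hunk.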