Namaste misc,

Could I request the ssh volks to please switch the default for
UpdateHostKeys back to "no"?

The default for UpdateHostKeys has been very recently switched to "ask"
from the earlier default of "no" in rev 1.323 of the file
src/usr.bin/ssh/readconf.c [1]. This default has been further switched
to "yes" in rev 1.324, if only the default known_hosts files are in use,
or "ask" in case of non-default known_hosts files [2].

Key rotation is a challenge, and it is great that OpenSSH has the
ability to assist in this. And those who wish to can set their client
configs to "ask" or "yes".

But I am not sure that switching the default to "yes" or "ask"[3] for
everyone is advisable. I (n=1) think it is preferable for the ssh client
to only read from the known hosts file, and the updates to that file be
handled outside the ssh system. To my mind, "yes" seems like auto-magic.

As an example, in the case that I outlined in my recent bug report [4],
if not for the check in the host_delete function, the host certificate
authority public key would have been removed from the client known_hosts
files.

Dhanyavaad,
ab
[1] - https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/readconf.c.diff?r1=1.322&r2=1.323&f=h
[2] - https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/readconf.c.diff?r1=1.323&r2=1.324&f=h
[3] - The "ask" is equivalent to "yes" in operational terms - users say
"yes" - Always. No exceptions (<cough>TrainedByWindows(c)(TM)<cough>).
[4] - https://marc.info/?l=openbsd-misc&m=158047930331003&w=2
---------|---------|---------|---------|---------|---------|---------|--
