https://bugzilla.mindrot.org/show_bug.cgi?id=2040
--- Comment #2 from Ondřej Caletka <ond...@caletka.cz> --- (In reply to comment #1) > Created attachment 2184 [details] > Handle future digest types correctly > > When testing, I also found out that when a SSHFP record for the host > uses digest type other than SHA1 or SHA256, the SSHFP check fails > even if SHA1 or SHA256 matches the offered host key. > > This patch changes this behavior to ignore future digest types. Feel free to test it using ssh -vv -o VerifyHostKeyDNS=yes -o HostKeyAlgorithms=ecdsa-sha2-nistp521 sshfp-test-newdigest.oskarcz.net -- You are receiving this mail because: You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs