Wojtek Pilorz <[EMAIL PROTECTED]> writes:

> On 28 Sep 1999, Niels Möller wrote:
> 
> > When connecting, the client should look for a file
> > .lsh/known_hosts/FQDN, where FQDN is the target host name provided by
> > the user, preferably completed to a fully qualified domain name (I
>
> Could the completion be optional?
> I like the feature of ssh1 that host name to be taken from (or added to)
> ssh_known_hosts or .ssh/known_hosts is exactly what I specify as host
> name to ssh client. For hosts in the private network I use not DNS, just
> /etc/hosts, and when I move a host to another location (so IP address is
> changed), I just change /etc/hosts files on clients and need not touch
> any ssh configuration files;

Obviously, the completion to a FQDN cannot be done for names that are
not in DNS. Personally, I think it annoying to have several entries
for the same machine, just because I sometimes write
"sanna.lysator.liu.se" and sometimes just "sanna". But it would make
sense to make this optional.

A more serious problem is that I plan to switch from gethostbyname to
the asynchronous adns resolver library. And adns will pretty much fail
if names are not in the DNS. It would be straightforward to read
/etc/hosts, but it would be painful to add support for all other
obscure mechanisms (yp, nis+, ...) people are using to resolve names.
So I guess we have to keep gethostbyname as a compile time or run time
option.

I think Ian's (adns author) view is that you ought to have all your
hostnames in DNS, even those names that you also list in /etc/hosts.
And I think that is good advice.

> Also, I like the text format of ssh1 databases (because of stricter
> licensing I do not use (and do not know) ssh2), and the freedom of
> choosing tools I need (like vi, sed, etc).

Have you looked at the s-exp format used by spki? It's a little more
complex than ssh1's format, but it should be fairly straight-forward
to handle with ordinary text-processing tools. You can use the
sexp_conv program to transform the machine-friendly variants of
s-expressions into the more human-readable variant.

/Niels
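
Added example, not part of the original message and not lsh code: a sketch of how a client could derive the .lsh/known_hosts/FQDN path discussed in this thread, with FQDN completion as an option and a fallback to the name as typed when it cannot be completed. The `resolver` callable, the `complete` switch and the sample DNS table are assumptions made for illustration.

```python
import re

# The host name becomes a file name, so accept only DNS-style labels;
# this rejects '/', '..' and empty names before any path is built.
_LABEL = r"[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
_HOSTNAME = re.compile(rf"^{_LABEL}(\.{_LABEL})*$")


def known_host_path(name, resolver=None, complete=True, base=".lsh/known_hosts"):
    """Return the known_hosts file to consult for a user-supplied host name.

    resolver: hypothetical callable(name) -> canonical FQDN, or None when the
              name cannot be completed (e.g. it exists only in /etc/hosts).
    complete: the optional completion switch discussed in the thread.
    """
    key = name.rstrip(".").lower()
    if not _HOSTNAME.match(key):
        raise ValueError(f"unsafe host name: {name!r}")
    if complete and resolver is not None:
        fqdn = resolver(key)
        if fqdn:
            fqdn = fqdn.rstrip(".").lower()
            # The resolver's answer is external input as well: validate it
            # before it is used to select a key file.
            if not _HOSTNAME.match(fqdn):
                raise ValueError(f"unsafe canonical name: {fqdn!r}")
            key = fqdn
    # No completion possible or wanted: look up exactly what the user typed.
    return f"{base}/{key}"


# Constructed sample data standing in for a DNS lookup.
SAMPLE_DNS = {
    "sanna": "sanna.lysator.liu.se.",
    "sanna.lysator.liu.se": "sanna.lysator.liu.se.",
}


def sample_resolver(name):
    return SAMPLE_DNS.get(name)


if __name__ == "__main__":
    for n in ("sanna", "sanna.lysator.liu.se", "privhost"):
        print(n, "->", known_host_path(n, sample_resolver))
```

With completion on, "sanna" and "sanna.lysator.liu.se" share one entry; with it off, or for a name the resolver does not know, the entry is keyed by exactly what was typed.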
