CVSROOT: /cvs
Module name: src
Changes by: d...@cvs.openbsd.org 2015/01/25 20:04:46
Modified files:
usr.bin/ssh : PROTOCOL clientloop.c hostfile.c hostfile.h
readconf.c readconf.h ssh_config.5 sshconnect.c
sshd.c
Log message:
Host key rotation support.
Add a hostk...@openssh.com protocol extension (global request) for
a server to inform a client of all its available host key after
authentication has completed. The client may record the keys in
known_hosts, allowing it to upgrade to better host key algorithms
and a server to gracefully rotate its keys.
The client side of this is controlled by a UpdateHostkeys config
option (default on).
ok markus@
