*** This bug is a duplicate of bug 1897744 ***
https://bugs.launchpad.net/bugs/1897744
@Dan - now I saw your update - that might have shortened my dnssec trip :-)
It indeed is a duplicate of that - marking as such.
** This bug has been marked a duplicate of bug 1897744
VerifyHostKeyDNS not working due to missing trust-ad flag
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1898590
Title:
Verify DNS fingerprints not working
Status in systemd:
Unknown
Status in glibc package in Ubuntu:
Invalid
Status in openssh package in Ubuntu:
Invalid
Status in systemd package in Ubuntu:
Fix Released
Status in systemd source package in Focal:
New
Status in openssh package in Debian:
Unknown
Bug description:
When setting in /etc/ssh/ssh_config VerifyHostKeyDNS to yes the fingerprints
are fetched, but the result is always:
debug1: found n insecure fingerprints in DNS
With dig +dnssec -tsshfp hostname the result is ok: ad flg is set.
To manage notifications about this bug go to:
https://bugs.launchpad.net/systemd/+bug/1898590/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
