openssh/openssh-5.4p1-sshconfig-knownhostschanges.diff
OBS User autobuild 0dd322b228 Accepting request 35865 from Base:System
Copy from Base:System/openssh based on submit request 35865 from user dirkmueller

OBS-URL: https://build.opensuse.org/request/show/35865
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=40
2010-03-31 17:31:53 +00:00

21 lines
856 B
Diff

Index: ssh_config
===================================================================
--- ssh_config.orig
+++ ssh_config
@@ -67,5 +67,14 @@ ForwardX11Trusted yes
SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
SendEnv LC_IDENTIFICATION LC_ALL
-# VisualHostKey no
+# This will print the fingerprint of the host key in "visual" form
+# this should make it easier to also recognize bad things
+# (enabled for openSUSE Factory before 11.3, if too much people are against,
+# we can disable it again. meissner@novell.com)
+VisualHostKey yes
+
+# This will hash new host keys and make them so unusable for malicious
+# people or software trying to use known_hosts to find further hops.
+HashKnownHosts yes
+
# ProxyCommand ssh -q -W %h:%p gateway.example.com