Page MenuHomeFreeBSD
Files F156442337

D38648.id117483.diff
No OneTemporary
Actions

D38648.id117483.diff
View Options

Index: crypto/openssh/FREEBSD-upgrade
===================================================================
--- crypto/openssh/FREEBSD-upgrade
+++ crypto/openssh/FREEBSD-upgrade
@@ -122,7 +122,6 @@
We've modified some configuration defaults in ssh:
- CheckHostIP defaults to "no".
- - VerifyHostKeyDNS defaults to "yes" if built with LDNS.
3) Canonic host names
Index: crypto/openssh/readconf.c
===================================================================
--- crypto/openssh/readconf.c
+++ crypto/openssh/readconf.c
@@ -2592,14 +2592,8 @@
options->rekey_limit = 0;
if (options->rekey_interval == -1)
options->rekey_interval = 0;
-#if HAVE_LDNS
- if (options->verify_host_key_dns == -1)
- /* automatically trust a verified SSHFP record */
- options->verify_host_key_dns = 1;
-#else
if (options->verify_host_key_dns == -1)
options->verify_host_key_dns = 0;
-#endif
if (options->server_alive_interval == -1)
options->server_alive_interval = 0;
if (options->server_alive_count_max == -1)
Index: crypto/openssh/ssh_config
===================================================================
--- crypto/openssh/ssh_config
+++ crypto/openssh/ssh_config
@@ -44,4 +44,3 @@
# ProxyCommand ssh -q -W %h:%p gateway.example.com
# RekeyLimit 1G 1h
# UserKnownHostsFile ~/.ssh/known_hosts.d/%k
-# VerifyHostKeyDNS yes
Index: crypto/openssh/ssh_config.5
===================================================================
--- crypto/openssh/ssh_config.5
+++ crypto/openssh/ssh_config.5
@@ -1991,10 +1991,7 @@
.Cm StrictHostKeyChecking
option.
The default is
-.Cm yes
-if compiled with LDNS and
-.Cm no
-otherwise.
+.Cm no .
.Pp
See also
.Sx VERIFYING HOST KEYS

File Metadata

Mime Type
text/plain
Expires
Thu, May 14, 5:39 PM (20 m, 57 s)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
33050797
Default Alt Text
D38648.id117483.diff (1 KB)

Event Timeline