Discussion:
Client HostKeyAlgorithms ordering
Jakub Jelen
2018-11-01 13:32:21 UTC
Permalink
Hello all,
The HostKeyAlgorithms client option is the only option of the
algorithms selection, where the order has significant effect on the
behavior. This effectively prevents from limiting these algorithms or
extending the default list while preserving the sorting by the host
keys.

In the bug #2924 [1] I proposed a new configuration option, that allows
also ordering of the provided list preserving the current behavior by
default. Would such change be acceptable or should we rather introduce
a new configuration option HostKeyAlgorithmsAllow, which will allow
sorting this list by existing known hosts.

[1] https://bugzilla.mindrot.org/show_bug.cgi?id=2924

Regards,
--
Jakub Jelen
Software Engineer
Security Technologies
Red Hat, Inc.
Loading...