changed UpdateHostKeys behaviour in current?

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

changed UpdateHostKeys behaviour in current?

tom ryan
I've just updated to the latest snap, and now every SSH connection I
make is asking me to accept updated hostkeys.

    $ ssh somehost
    Learned new hostkey: RSA SHA256:<snip>
    Learned new hostkey: ED25519 SHA256:<snip>
    Accept updated hostkeys? (yes/no):

I see that some changes have been occurring around UpdateHostKeys -
https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh.c

Eg
https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh.c?rev=1.415&content-type=text/x-cvsweb-markup

Is this expected behaviour? Kind of creepy to have every connection ask
to accept new host keys at the same time!

Thanks