Hello, This hostkeys extension is great, reading[1]: """ OpenSSH supports a protocol extension allowing a server to inform a client of all its protocol v.2 host keys after user-authentication has completed. """ I wonder, why should user authentication be completed before this functionality is available? This means that ssh-keyscan tool (for example) cannot take advantage of the functionality. The only reason I could think of (apart of sshd internal implementation ordering) is to avoid cpu load attack of anonymous clients forcing server to perform expensive operations. However, a similar attack can be achieved by multiple connections and/or re-kex. In sshd.c I see hostkeys-00@xxxxxxxxxxx sent before calling do_authenticated(), so I even more curios. Thanks! Alon Bar-Lev. [1] https://github.com/openssh/openssh-portable/blob/master/PROTOCOL#L284 _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev