Re: Client-side public key causing mess

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Fri, 22 Apr 2016, Mauricio Tavares wrote:

> > ssh uses the public key to avoid loading or decrypting the private
> > key for cases were it isn't necessary. We should improve the handling
> > of cases where they don't match.
> >
>       But if it does not have the public key whose name matches the
> private key being used, it will still work, right? If that is the case
> I too think it should handle non-matching key pairs better. i.e.
> ignore behave as if there was just a private key there (which is how I
> use it). Or let user decide if it should warn, ignore completely, or
> quit.

Having a mismatched private and public key is an invalid configuration.
We don't need to implement complicated recovery logic for it, we can
just tell the user and they can fix it themself (or not).

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux