Well, known_hosts isn't exactly trusted input, since it's usually composed of the keys you first encounter, without any additional checking, as opposed to (hopefully) correctly signed SSHFP records. On Sat, Feb 23, 2019 at 10:22 PM Peter Stuge <peter@xxxxxxxx> wrote: > > Yegor Ievlev wrote: > > > I think it's a very bad idea to have the client start treating foreign > > > network input as equivalent to local configuration. > > > > Well, SSHFP is supposed to only be used on DNSSEC-enabled domains. > > To the client it's still foreign input, even though it's signed by > (best case) the remote site DNS administrator. > > > //Peter > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev