On Fri, Feb 14, 2020 at 1:25 AM Damien Miller <djm@xxxxxxxxxxx> wrote: > A future release of OpenSSH will enable UpdateHostKeys by default to > allow the client to automatically migrate to better algorithms. > Users may consider enabling this option manually. When you say “enable UpdateHostKeys by default,” do you mean a future release of OpenSSH will default it to “ask”, or default it to “yes”? The only other option with no/ask/yes options that doesn’t default to no is StrictHostKeyChecking, which defaults to ask, so I suspect the future default will be ask, not yes. I ask (no pun intended, ha) because we’d like to set UpdateHostKeys _now_ to what the future default will be, but it’s not clear from the announcement whether the future default will be ask or yes. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
