On Thu, 22 Oct 2020, Jochen Bern wrote:

> On 22.10.20 00:37, Damien Miller wrote:
> > The ability to gracefully rotate persistent keys is a fundamental
> > capability in a cryptosystem. Being able to migrate to better algorithms
> > over time without breaking continuity of trust is a related capability.
> > Both these are IMO serious omissions from the SSH standards.
> >
> > Not having these capabilities meant that servers used DSA longer than
> > they should have, used RSA/1024 when they should have moved to longer
> > key lengths and could not adopt better signature algorithms like Ed25519
> > when they became available.
>
> No contest there, but do you mean to say that UpdateHostKeys actually
> enforces new algos and keys to be "better" than the currently-used one?
> Per what, and whose (client/server), definition?

Per the HostkeyAlgorithms list in the client.

Think of it like this: UpdateHostkeys allows a server to inform the client
of its set of keys. HostkeyAlgorithms (on the client) decides which the
client actually uses.

-d
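A simplified model of the split described in this message, added here as an illustration and not taken from OpenSSH or from the original post: the server advertises its keys, and the client's HostKeyAlgorithms list decides which are learned and used. The function names, the key strings, and the rules that the client only authenticates against an already trusted key and drops keys the server stops advertising are assumptions of the model.

```python
# Simplified model, not OpenSSH code. Key strings are constructed placeholders.

def pick_host_key_algorithm(known, server_keys, host_key_algorithms):
    """First algorithm in the client's preference list for which the client
    already trusts the key the server presents (continuity of trust)."""
    for alg in host_key_algorithms:
        if alg in known and server_keys.get(alg) == known[alg]:
            return alg
    return None  # nothing trusted matches: manual verification needed

def update_host_keys(advertised, host_key_algorithms):
    """Keys the client trusts after the server's advertisement: only
    algorithms on the client's list are kept; anything the server no longer
    advertises drops out (model assumption)."""
    allowed = set(host_key_algorithms)
    return {alg: key for alg, key in advertised.items() if alg in allowed}

def connect(known, server_keys, host_key_algorithms):
    """One connection: authenticate the host, then apply the key update."""
    alg = pick_host_key_algorithm(known, server_keys, host_key_algorithms)
    if alg is None:
        return None, dict(known)
    return alg, update_host_keys(server_keys, host_key_algorithms)

def rotation_demo():
    client_algs = ["ssh-ed25519", "ssh-dss"]      # client's preference order
    known = {"ssh-dss": "DSS-KEY-A"}              # trusted before rotation
    both = {"ssh-dss": "DSS-KEY-A", "ssh-ed25519": "ED-KEY-B",
            "ecdsa-sha2-nistp256": "EC-KEY-C"}    # server mid-rotation
    new_only = {"ssh-ed25519": "ED-KEY-B", "ecdsa-sha2-nistp256": "EC-KEY-C"}
    used = []
    for server_keys in (both, both, new_only):
        alg, known = connect(known, server_keys, client_algs)
        used.append(alg)
    return used, known

if __name__ == "__main__":
    print(rotation_demo())
```

In this model the ECDSA key is never stored because its algorithm is not on the client's list, and a client that lists only `ssh-dss` never migrates.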