commit | 8d4f87258f31cb6def9b3b55b6a7321d84728ff2 | [log] [tgz] |
---|---|---|
author | djm@openbsd.org <djm@openbsd.org> | Mon Jan 26 03:04:45 2015 +0000 |
committer | Damien Miller <djm@mindrot.org> | Tue Jan 27 00:00:57 2015 +1100 |
tree | c98e66c1c0824f0b0e312d7b44d8eeac46265362 | |
parent | 60b1825262b1f1e24fc72050b907189c92daf18e [diff] |
upstream commit Host key rotation support. Add a hostkeys@openssh.com protocol extension (global request) for a server to inform a client of all its available host key after authentication has completed. The client may record the keys in known_hosts, allowing it to upgrade to better host key algorithms and a server to gracefully rotate its keys. The client side of this is controlled by a UpdateHostkeys config option (default on). ok markus@