upstream commit
Host key rotation support.
Add a hostkeys@openssh.com protocol extension (global request) for
a server to inform a client of all its available host key after
authentication has completed. The client may record the keys in
known_hosts, allowing it to upgrade to better host key algorithms
and a server to gracefully rotate its keys.
The client side of this is controlled by a UpdateHostkeys config
option (default on).
ok markus@
diff --git a/hostfile.h b/hostfile.h
index 24c3813..9080b5e 100644
--- a/hostfile.h
+++ b/hostfile.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.h,v 1.22 2015/01/18 21:40:24 djm Exp $ */
+/* $OpenBSD: hostfile.h,v 1.23 2015/01/26 03:04:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -44,6 +44,9 @@
int add_host_to_hostfile(const char *, const char *,
const struct sshkey *, int);
+int hostfile_replace_entries(const char *filename, const char *host,
+ struct sshkey **keys, size_t nkeys, int store_hash, int quiet);
+
#define HASH_MAGIC "|1|"
#define HASH_DELIM '|'