upstream commit Host key rotation support. Add a hostkeys@openssh.com protocol extension (global request) for a server to inform a client of all its available host key after authentication has completed. The client may record the keys in known_hosts, allowing it to upgrade to better host key algorithms and a server to gracefully rotate its keys. The client side of this is controlled by a UpdateHostkeys config option (default on). ok markus@

commit: 8d4f87258f31cb6def9b3b55b6a7321d84728ff2 [log] [tgz]
author: djm@openbsd.org <djm@openbsd.org> Mon Jan 26 03:04:45 2015 +0000
committer: Damien Miller <djm@mindrot.org> Tue Jan 27 00:00:57 2015 +1100
tree: c98e66c1c0824f0b0e312d7b44d8eeac46265362
parent: 60b1825262b1f1e24fc72050b907189c92daf18e [diff] [blame]
diff --git a/hostfile.h b/hostfile.h
index 24c3813..9080b5e 100644
--- a/hostfile.h
+++ b/hostfile.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.h,v 1.22 2015/01/18 21:40:24 djm Exp $ */
+/* $OpenBSD: hostfile.h,v 1.23 2015/01/26 03:04:45 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -44,6 +44,9 @@
 int	 add_host_to_hostfile(const char *, const char *,
     const struct sshkey *, int);
 
+int	 hostfile_replace_entries(const char *filename, const char *host,
+    struct sshkey **keys, size_t nkeys, int store_hash, int quiet);
+
 #define HASH_MAGIC	"|1|"
 #define HASH_DELIM	'|'
commit	8d4f87258f31cb6def9b3b55b6a7321d84728ff2	[log] [tgz]
author	djm@openbsd.org <djm@openbsd.org>	Mon Jan 26 03:04:45 2015 +0000
committer	Damien Miller <djm@mindrot.org>	Tue Jan 27 00:00:57 2015 +1100
tree	c98e66c1c0824f0b0e312d7b44d8eeac46265362
parent	60b1825262b1f1e24fc72050b907189c92daf18e [diff] [blame]