From 8d4f87258f31cb6def9b3b55b6a7321d84728ff2 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 26 Jan 2015 03:04:45 +0000 Subject: upstream commit Host key rotation support. Add a hostkeys@openssh.com protocol extension (global request) for a server to inform a client of all its available host key after authentication has completed. The client may record the keys in known_hosts, allowing it to upgrade to better host key algorithms and a server to gracefully rotate its keys. The client side of this is controlled by a UpdateHostkeys config option (default on). ok markus@ --- readconf.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'readconf.h') diff --git a/readconf.h b/readconf.h index a23da110..7a8ae17c 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.106 2015/01/15 09:40:00 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.107 2015/01/26 03:04:45 djm Exp $ */ /* * Author: Tatu Ylonen @@ -146,7 +146,9 @@ typedef struct { char *revoked_host_keys; - int fingerprint_hash; + int fingerprint_hash; + + int update_hostkeys; char *ignored_unknown; /* Pattern list of unknown tokens to ignore */ } Options; -- cgit v1.2.1