diff options
| author | mouring <mouring> | 2002-08-01 01:21:56 +0000 |
|---|---|---|
| committer | mouring <mouring> | 2002-08-01 01:21:56 +0000 |
| commit | e2faa7d49a27db08976364d504e8a360eba83046 (patch) | |
| tree | c3437e6ffbdf88e6d57a80f8730a96ecdc0737e5 /hostfile.h | |
| parent | 16de941948e726893a10ca36773c64d84a5e8c6f (diff) | |
| download | openssh-e2faa7d49a27db08976364d504e8a360eba83046.tar.gz | |
- markus@cvs.openbsd.org 2002/07/24 16:11:18
[hostfile.c hostfile.h sshconnect.c]
print out all known keys for a host if we get a unknown host key,
see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4
the ssharp mitm tool attacks users in a similar way, so i'd like to
pointed out again:
A MITM attack is always possible if the ssh client prints:
The authenticity of host 'bla' can't be established.
(protocol version 2 with pubkey authentication allows you to detect
MITM attacks)
Diffstat (limited to 'hostfile.h')
| -rw-r--r-- | hostfile.h | 6 |
1 files changed, 4 insertions, 2 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.h,v 1.10 2001/12/18 10:04:21 jakob Exp $ */ +/* $OpenBSD: hostfile.h,v 1.11 2002/07/24 16:11:18 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -15,12 +15,14 @@ #define HOSTFILE_H typedef enum { - HOST_OK, HOST_NEW, HOST_CHANGED + HOST_OK, HOST_NEW, HOST_CHANGED, HOST_FOUND, } HostStatus; int hostfile_read_key(char **, u_int *, Key *); HostStatus check_host_in_hostfile(const char *, const char *, Key *, Key *, int *); int add_host_to_hostfile(const char *, const char *, Key *); +int +lookup_key_in_hostfile_by_type(const char *, const char *, int , Key *, int *); #endif |