From 44732de06884238049f285f1455b2181baa7dc82 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 20 Feb 2015 22:17:21 +0000 Subject: upstream commit UpdateHostKeys fixes: I accidentally changed the format of the hostkeys@openssh.com messages last week without changing the extension name, and this has been causing connection failures for people who are running -current. First reported by sthen@ s/hostkeys@openssh.com/hostkeys-00@openssh.com/ Change the name of the proof message too, and reorder it a little. Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY available to read the response) so disable UpdateHostKeys if it is in ask mode and ControlPersist is active (and document this) --- ssh.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'ssh.c') diff --git a/ssh.c b/ssh.c index 430773c74..57b53fb28 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.414 2015/01/20 23:14:00 deraadt Exp $ */ +/* $OpenBSD: ssh.c,v 1.415 2015/02/20 22:17:21 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1072,6 +1072,12 @@ main(int ac, char **av) strcmp(options.proxy_command, "-") == 0 && options.proxy_use_fdpass) fatal("ProxyCommand=- and ProxyUseFDPass are incompatible"); + if (options.control_persist && + options.update_hostkeys == SSH_UPDATE_HOSTKEYS_ASK) { + debug("UpdateHostKeys=ask is incompatible with ControlPersist; " + "disabling"); + options.update_hostkeys = 0; + } #ifndef HAVE_CYGWIN if (original_effective_uid != 0) options.use_privileged_port = 0; -- cgit v1.2.3