diff options
| author |   markus <markus@openbsd.org> | 2002-07-24 16:11:18 +0000 |
|---|---|---|
| committer | markus <markus@openbsd.org> | 2002-07-24 16:11:18 +0000 |
| commit | c63a75f8d19a25d5301951410f1b302b673d5945 (patch) | |
| tree | c1b683465de0ea0e6a2e76bc50cc50e3d97e4263 /usr.bin/ssh/hostfile.h | |
| parent | - don't need mmio or io registers mapped for console use (diff) | |
| download | wireguard-openbsd-c63a75f8d19a25d5301951410f1b302b673d5945.tar.xz wireguard-openbsd-c63a75f8d19a25d5301951410f1b302b673d5945.zip | |
print out all known keys for a host if we get a unknown host key,
see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4
the ssharp mitm tool attacks users in a similar way, so i'd like to
pointed out again:
A MITM attack is always possible if the ssh client prints:
The authenticity of host 'bla' can't be established.
(protocol version 2 with pubkey authentication allows you to detect
MITM attacks)
Diffstat (limited to 'usr.bin/ssh/hostfile.h')
| -rw-r--r-- | usr.bin/ssh/hostfile.h | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/usr.bin/ssh/hostfile.h b/usr.bin/ssh/hostfile.h index 0244fdb53ea..06373242147 100644 --- a/usr.bin/ssh/hostfile.h +++ b/usr.bin/ssh/hostfile.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.h,v 1.10 2001/12/18 10:04:21 jakob Exp $ */ +/* $OpenBSD: hostfile.h,v 1.11 2002/07/24 16:11:18 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -15,12 +15,14 @@ #define HOSTFILE_H typedef enum { - HOST_OK, HOST_NEW, HOST_CHANGED + HOST_OK, HOST_NEW, HOST_CHANGED, HOST_FOUND, } HostStatus; int hostfile_read_key(char **, u_int *, Key *); HostStatus check_host_in_hostfile(const char *, const char *, Key *, Key *, int *); int add_host_to_hostfile(const char *, const char *, Key *); +int +lookup_key_in_hostfile_by_type(const char *, const char *, int , Key *, int *); #endif |