add NoHostAuthenticationForLocalhost; note that the hostkey is

now check for localhost, too.
author: markus <markus@openbsd.org> 2001-10-01 21:51:16 +0000
committer: markus <markus@openbsd.org> 2001-10-01 21:51:16 +0000
commit: 417997815730021822cdd28e3444c0b67f8b8981 (patch)
tree: 61a3ca1b78345e49f38b1d3bab489d808ba80b8e /usr.bin/ssh/sshconnect.c
parent: remove ugliness; vp@drexel.edu via angelos (diff)
download: wireguard-openbsd-417997815730021822cdd28e3444c0b67f8b8981.tar.xz
wireguard-openbsd-417997815730021822cdd28e3444c0b67f8b8981.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c
index 314de98f518..2e559115667 100644
--- a/usr.bin/ssh/sshconnect.c
+++ b/usr.bin/ssh/sshconnect.c
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.110 2001/07/25 14:35:18 markus Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.111 2001/10/01 21:51:16 markus Exp $");
 
 #include <openssl/bn.h>
 
@@ -575,7 +575,8 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
 		local = 0;
 		break;
 	}
-	if (local && options.host_key_alias == NULL) {
+	if (options.no_host_authentication_for_localhost == 1 && local &&
+	    options.host_key_alias == NULL) {
 		debug("Forcing accepting of host key for "
 		    "loopback/localhost.");
 		return 0;
author	markus <markus@openbsd.org>	2001-10-01 21:51:16 +0000
committer	markus <markus@openbsd.org>	2001-10-01 21:51:16 +0000
commit	417997815730021822cdd28e3444c0b67f8b8981 (patch)
tree	61a3ca1b78345e49f38b1d3bab489d808ba80b8e /usr.bin/ssh/sshconnect.c
parent	remove ugliness; vp@drexel.edu via angelos (diff)
download	wireguard-openbsd-417997815730021822cdd28e3444c0b67f8b8981.tar.xz wireguard-openbsd-417997815730021822cdd28e3444c0b67f8b8981.zip