diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2021-01-08 05:49:13 +0100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2021-01-08 06:01:30 +0100 |
| commit | 6cb52d5bf771f6769b630fce35a8e9b8e433044f (patch) | |
| tree | 708cefda897b855a609eb54e163e35304ea98760 /readconf.c | |
| parent | Run tests with sudo for better coverage. (diff) | |
| download | openssh-6cb52d5bf771f6769b630fce35a8e9b8e433044f.tar.xz openssh-6cb52d5bf771f6769b630fce35a8e9b8e433044f.zip | |
upstream: make CheckHostIP default to 'no'. It doesn't provide any
perceptible value and makes it much harder for hosts to change host keys,
particularly ones that use IP-based load-balancing.
ok dtucker@
OpenBSD-Commit-ID: 0db98413e82074f78c7d46784b1286d08aee78f0
Diffstat (limited to 'readconf.c')
| -rw-r--r-- | readconf.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/readconf.c b/readconf.c index 2a7870a1d..37f92e25a 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.347 2020/12/22 03:05:31 tb Exp $ */ +/* $OpenBSD: readconf.c,v 1.348 2021/01/08 04:49:13 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -2297,7 +2297,7 @@ fill_default_options(Options * options) if (options->batch_mode == -1) options->batch_mode = 0; if (options->check_host_ip == -1) - options->check_host_ip = 1; + options->check_host_ip = 0; if (options->strict_host_key_checking == -1) options->strict_host_key_checking = SSH_STRICT_HOSTKEY_ASK; if (options->compression == -1) |