[Bug 1898590] Re: Verify DNS fingerprints not working
Andreas Tauscher
1898590 at bugs.launchpad.net
Fri Oct 9 15:44:08 UTC 2020
With @localhost as parameter it will use the local resolver.
Local resolver is unbound. The cr** systemd resolver is disabled.
Configuration is exactly same like on another machine where it is working like expected.
Only difference: Ubuntu 18.04 instead of 20.04.
On 18.04
debug1: found 3 secure fingerprints in DNS
With 20.04
debug1: found 3 insecure fingerprints in DNS
Also when I change the resolver this does not change. So the resolver seems not to be the problem.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1898590
Title:
Verify DNS fingerprints not working
Status in openssh package in Ubuntu:
New
Bug description:
When setting in /etc/ssh/ssh_config VerifyHostKeyDNS to yes the fingerprints are fetched, but the result is always:
debug1: found n insecure fingerprints in DNS
With dig +dnssec -tsshfp hostname the result is ok: ad flg is set.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1898590/+subscriptions
More information about the foundations-bugs
mailing list