https://bugzilla.novell.com/show_bug.cgi?id=671820
https://bugzilla.novell.com/show_bug.cgi?id=671820#c7
--- Comment #7 from Michael Rutter 2011-05-25 12:31:06 UTC ---
Thanks for pointing out the ecdsa key regeneration problem.
It seems that this issue has been fixed by the openssh people already, see
https://bugzilla.mindrot.org/show_bug.cgi?id=1858 (which a colleague kindly
pointed out to me). As far as I can tell, that patch does cure the problem, and
will be in openssh 5.9.
I think that the above patch ought to go into an updated SuSE 11.4 ssh package,
if only so that 11.4's behaviour does not differ from both past and future
versions (assuming that the future versions will use openssh 5.9). However,
that is a decision for others.
Incidently, I am not sure that I agree with you that HostbasedAuthentication
should be reserved only to system accounts. I run 50+ "identical" machines with
a hundred or so users, and I certainly want people to be able to move between
machines readily. The old method involved hosts.equiv, and
HostbasedAuthentication seems much better. However, for root I do not allow
such access.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.