ssh_config: set VerifyHostKeyDNS to ask

author Simon Ruderich <simon@ruderich.org>

Sat, 2 Jul 2016 10:08:01 +0000 (12:08 +0200)

committer Simon Ruderich <simon@ruderich.org>

Sat, 2 Jul 2016 10:08:01 +0000 (12:08 +0200)
author Simon Ruderich <simon@ruderich.org>
Sat, 2 Jul 2016 10:08:01 +0000 (12:08 +0200)
committer Simon Ruderich <simon@ruderich.org>
Sat, 2 Jul 2016 10:08:01 +0000 (12:08 +0200)
diff --git a/ssh_config b/ssh_config

index babd153a0cacd5593a0cba5754dc441fa213a96f..d24dc6dec8e781d62725c1aac07667a828f8ce83 100644 (file)
--- a/ssh_config
+++ b/ssh_config
@@ -132,5 +132,6 @@ Host *
      CheckHostIP yes
  # Ask before adding any host keys to ~/.ssh/known_hosts (default).
      StrictHostKeyChecking ask
-# Don't trust host keys from DNS' SSHFP resource records (default).
-    VerifyHostKeyDNS no
+# Check host keys from DNS' SSHFP resource records but ask apply
+# StrictHostKeyChecking before trusting them.
+    VerifyHostKeyDNS ask
author	Simon Ruderich <simon@ruderich.org>
	Sat, 2 Jul 2016 10:08:01 +0000 (12:08 +0200)
committer	Simon Ruderich <simon@ruderich.org>
	Sat, 2 Jul 2016 10:08:01 +0000 (12:08 +0200)