summaryrefslogtreecommitdiffstats
path: root/debian/patches/mention-ssh-keygen-on-keychange.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/mention-ssh-keygen-on-keychange.patch')
-rw-r--r--debian/patches/mention-ssh-keygen-on-keychange.patch44
1 files changed, 44 insertions, 0 deletions
diff --git a/debian/patches/mention-ssh-keygen-on-keychange.patch b/debian/patches/mention-ssh-keygen-on-keychange.patch
new file mode 100644
index 0000000..cb227f8
--- /dev/null
+++ b/debian/patches/mention-ssh-keygen-on-keychange.patch
@@ -0,0 +1,44 @@
+From c8da63c601b5d44fd233548385809c9c3a2fa0b8 Mon Sep 17 00:00:00 2001
+From: Scott Moser <smoser@ubuntu.com>
+Date: Sun, 9 Feb 2014 16:10:03 +0000
+Subject: Mention ssh-keygen in ssh fingerprint changed warning
+
+Author: Chris Lamb <lamby@debian.org>
+Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1843
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/686607
+Last-Update: 2017-08-22
+
+Patch-Name: mention-ssh-keygen-on-keychange.patch
+---
+ sshconnect.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/sshconnect.c b/sshconnect.c
+index 5f8c81b84..3ae20b74e 100644
+--- a/sshconnect.c
++++ b/sshconnect.c
+@@ -994,9 +994,13 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
+ error("%s. This could either mean that", key_msg);
+ error("DNS SPOOFING is happening or the IP address for the host");
+ error("and its host key have changed at the same time.");
+- if (ip_status != HOST_NEW)
++ if (ip_status != HOST_NEW) {
+ error("Offending key for IP in %s:%lu",
+ ip_found->file, ip_found->line);
++ error(" remove with:");
++ error(" ssh-keygen -f \"%s\" -R \"%s\"",
++ ip_found->file, ip);
++ }
+ }
+ /* The host key has changed. */
+ warn_changed_key(host_key);
+@@ -1005,6 +1009,9 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
+ error("Offending %s key in %s:%lu",
+ sshkey_type(host_found->key),
+ host_found->file, host_found->line);
++ error(" remove with:");
++ error(" ssh-keygen -f \"%s\" -R \"%s\"",
++ host_found->file, host);
+
+ /*
+ * If strict host key checking is in use, the user will have