dpat37 / commons-net-ssh

Automatically exported from code.google.com/p/commons-net-ssh
Apache License 2.0

Host key verification criteria #4

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
I need to:

* Verify that the criteria for checking entries in known_hosts is correct and secure. Would it be sin to validate against IP when connecting to a hostname? Should I be checking (hostname,IP) pair? Should we validate if the FQDN is a known host? What does OpenSSH do exactly?

* Verify that hostbased auth works since my testing while implementing was
hackish. Is the API appropriate?

* Verify windowing implementation

Original issue reported on code.google.com by shik...@gmail.com on 26 Jul 2009 at 10:00

GoogleCodeExporter commented 9 years ago
>> * Verify that the criteria for checking entries in known_hosts is correct and secure. Would it be sin to validate against IP when connecting to a hostname? Should I be checking (hostname,IP) pair? Should we validate if the FQDN is a known host? What does OpenSSH do exactly?

OpenSSH seems to just go with whatever hostname you provide on command-line, and not go to lengths to do a name-resolution etc. This seems sensible, really.

So now SSHClient overrides SocketClient's connect(*) methods where the user directly provides a hostname, and additionally saves this hostname. This gets passed on to TransportProtocol in init(String,Socket). If the hostname is not null, it will be used for host key verification; otherwise the socket's .getRemoteAddress().getHostName() [no other way to gauge user intent, or is there... hm]

< Note that wherever "hostname" was used might well be an IP address string >

Original comment by shik...@gmail.com on 16 Aug 2009 at 12:03
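The matching rules the comment above attributes to OpenSSH (match against the name the user typed, never a resolved address; an IP literal only matches when an entry actually lists it; `[host]:port` for non-default ports; hashed entries), as an added example in Python that is not part of commons-net-ssh or of OpenSSH. The known_hosts content, host names, salt and key blobs below are constructed placeholders. The block models OpenSSH's comma-separated, negated (`!`) and wildcard (`*`, `?`) patterns and the HashKnownHosts `|1|salt|HMAC-SHA1` format; `@cert-authority` and `@revoked` markers are deliberately not modelled and a real client must honour them.

```python
"""Emulate OpenSSH known_hosts matching (added example, not project code)."""
import base64
import hashlib
import hmac
import re
from typing import List, Optional, Tuple

Entry = Tuple[str, str, str]  # (host pattern field, key type, base64 key blob)


def lookup_name(host: str, port: int = 22) -> str:
    """The string OpenSSH matches against: the name the user typed (hostname or
    IP literal, no DNS resolution), wrapped as '[host]:port' off port 22."""
    return host if port == 22 else "[%s]:%d" % (host, port)


def _glob_match(pattern: str, name: str) -> bool:
    """OpenSSH host patterns know only '*' and '?'; everything else is literal,
    so '[' and ']' from a '[host]:port' pattern must not become a char class."""
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(regex, name, flags=re.IGNORECASE) is not None


def hash_host(name: str, salt: bytes) -> str:
    """Build a hashed host field as HashKnownHosts writes it:
    '|1|<b64 salt>|<b64 HMAC-SHA1(key=salt, msg=name)>'."""
    mac = hmac.new(salt, name.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())


def _hashed_match(field: str, name: str) -> bool:
    """Recompute the HMAC for the candidate name and compare in constant time."""
    parts = field.split("|")
    if len(parts) != 4 or parts[1] != "1":
        return False
    salt, digest = base64.b64decode(parts[2]), base64.b64decode(parts[3])
    mac = hmac.new(salt, name.encode(), hashlib.sha1).digest()
    return hmac.compare_digest(mac, digest)


def field_matches(field: str, name: str) -> bool:
    """Match one host field (hashed, or a comma-separated pattern list) against
    the lookup name. A matching negated pattern vetoes the whole entry."""
    if field.startswith("|1|"):
        return _hashed_match(field, name)
    matched = False
    for pat in field.split(","):
        if pat.startswith("!"):
            if _glob_match(pat[1:], name):
                return False
        elif _glob_match(pat, name):
            matched = True
    return matched


def parse_known_hosts(text: str) -> List[Entry]:
    entries: List[Entry] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("@"):  # @cert-authority / @revoked: not modelled here
            continue
        parts = line.split(None, 3)
        if len(parts) >= 3:
            entries.append((parts[0], parts[1], parts[2]))
    return entries


def verify_host_key(entries: List[Entry], host: str, port: int,
                    key_type: str, presented_key: str) -> str:
    """'ok' if a matching entry carries this key, 'mismatch' if the host is known
    under this key type with a different key (possible MITM), else 'unknown'."""
    name = lookup_name(host, port)
    keys = [k for f, t, k in entries if t == key_type and field_matches(f, name)]
    if not keys:
        return "unknown"
    if any(hmac.compare_digest(k, presented_key) for k in keys):
        return "ok"
    return "mismatch"


SAMPLE_SALT = bytes(range(20))  # constructed, fixed so the hashed line is reproducible
KNOWN_HOSTS = """\
# constructed sample; key blobs are placeholders, not real public keys
web.example.com,203.0.113.10 ssh-ed25519 AAAAWEBKEY
*.corp.example.com,!bad.corp.example.com ssh-ed25519 AAAACORPKEY
[git.example.com]:2222 ssh-rsa AAAAGITKEY
%s ssh-ed25519 AAAAHASHEDKEY
""" % hash_host("hashed.example.com", SAMPLE_SALT)
ENTRIES = parse_known_hosts(KNOWN_HOSTS)

if __name__ == "__main__":
    for host, port, ktype, key in [("web.example.com", 22, "ssh-ed25519", "AAAAWEBKEY"),
                                   ("203.0.113.10", 22, "ssh-ed25519", "AAAAWEBKEY"),
                                   ("bad.corp.example.com", 22, "ssh-ed25519", "AAAACORPKEY"),
                                   ("git.example.com", 22, "ssh-rsa", "AAAAGITKEY"),
                                   ("web.example.com", 22, "ssh-ed25519", "AAAAEVILKEY")]:
        print(lookup_name(host, port), ktype, verify_host_key(ENTRIES, host, port, ktype, key))
```

The IP case is the point of the thread: `203.0.113.10` verifies only because the first entry lists that literal next to the hostname; nothing resolves `web.example.com` to it, so a client that resolved names and matched on the address would accept a key for any host that happened to share that address.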

GoogleCodeExporter commented 9 years ago
>>> 

* Verify that hostbased auth works since my testing while implementing was
hackish. Is the API appropriate?

* Verify windowing implementation

<<<

Moving to separate issue, closing this.

Original comment by shik...@gmail.com on 16 Aug 2009 at 12:12
