Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 556912 - DNS SSHFP 4 2 records for git.gentoo.org and dev.gentoo.org, maybe others
Summary: DNS SSHFP 4 2 records for git.gentoo.org and dev.gentoo.org, maybe others
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Infrastructure
Classification: Unclassified
Component: Dev box issues (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Infrastructure
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-08-07 08:44 UTC by Michael Weber (RETIRED)
Modified: 2016-03-14 01:25 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Weber (RETIRED) gentoo-dev 2015-08-07 08:44:46 UTC 
Hi, 

please add the SSHFP 4 1 and 4 2 ressource records to dev.gentoo.org and git.gentoo.org. 

Current Situation with openssh[ldns], "VerifyHostKeyDNS ask" and "HostKeyAlgorithms ssh-ed25519,ssh-rsa,ssh-dss" pops up following waning

% ssh dev.gentoo.org     
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:VdgzR4ihOvTR/kGaDi9BgTQH9nAyyvZS7jhkHQQ9pqw.
Please contact your system administrator.
Update the SSHFP RR in DNS with the new host key to get rid of this message.

Thanks in advance
Comment 1 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2016-03-14 01:25:56 UTC 
These records have been live for months.