missing host key should raise exception by default
Bug #724296 reported by
Andrew Wilkins
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Pushy |
Fix Released
|
Critical
|
Unassigned | ||
0.4 |
Fix Released
|
Critical
|
Unassigned |
Bug Description
Pushy configures Paramiko with the "AutoAddPolicy", which opens users to "man in the middle" attacks. This was fine when Pushy was used only by me, in a controlled network, but needs to be changed now. It should be configurable, with the default to reject.
Related branches
Changed in pushy: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
There is now a "missing_ host_key_ policy" keyword parameter for the Paramiko SSH transport. This should be set to one of the strings "reject" (the default), "warning", or "autoadd". Alternatively, it can be set to an instance of paramiko. MissingHostKeyP olicy (or a subclass).