Pushy

missing host key should raise exception by default

Bug #724296 reported by Andrew Wilkins on 2011-02-24

256

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Pushy	Fix Released	Critical	Unassigned
	0.4	Fix Released	Critical	Unassigned

Bug Description

Pushy configures Paramiko with the "AutoAddPolicy", which opens users to "man in the middle" attacks. This was fine when Pushy was used only by me, in a controlled network, but needs to be changed now. It should be configurable, with the default to reject.

Related branches

lp:~axwalk/pushy/trunk

Revision history for this message

Andrew Wilkins (axwalk) wrote on 2011-02-24:

There is now a "missing_host_key_policy" keyword parameter for the Paramiko SSH transport. This should be set to one of the strings "reject" (the default), "warning", or "autoadd". Alternatively, it can be set to an instance of paramiko.MissingHostKeyPolicy (or a subclass).

visibility:	private → public
Changed in pushy:
status:	Confirmed → Fix Committed

Andrew Wilkins (axwalk) on 2011-03-05

Changed in pushy:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.