-
Notifications
You must be signed in to change notification settings - Fork 12
/
BUGS
34 lines (25 loc) · 1.13 KB
/
BUGS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
KNOWN BUGS:
20110413
- dane for ipv6 always gives (2001:4178:2:1269::12): (-9, 'Address family for hostname not supported') even on systems with proper ipv6 support.
20100914
- sshfp -k ~/.ssh/known_hosts -a does not work as expected, because of
internal confusion about -k requiring an argument or not (-k vs -s)
20061101
- IPv6 untested and might not work at all.
20061016
- Scanning in-addr.arpa for PTR records to add sshfp records is missing.
20061004
- Using opts.append(x) does not work, as x is never appended to the current
loop. This means the whole option processing needs to become re-entrant
after fixing an argument. yuck.
20060927
- sshfp -a xelerance.com @ns1.xelerance.com does not work as expected.
- Running sshfp against the same nameserver twice using -a @ns0 gives
different output all the time. Looks like ssh-keyscan is sensitive
to failures.
20060921:
- If a zone contains non-working glue A records, then ssh-keyscan aborts.
Bug reported upstream http://bugzilla.mindrot.org/show_bug.cgi?id=1213
FEATURE reqeust:
- Some mode (-V) that verifies all keys in knownhosts file and compares
them with a scan