SSHClient: request host key type from known_hosts (backport) #945
This is a backport of #910 to the 1.18 (PyCrypto) branch. This is because I think this is particularly important.
There are a few good ways to manage a
Without this fix, when a host public key is in
And, this is a pretty common case - allowing missing host keys is a common default, and this case where paramiko requests a different type of host key than it has from
I did some manual "sanity" testing, with both 1.18 and this branch:
If we have a host keys that will be checked, we need to negotiate for the type we have. Commonly, openssh could have saved an ecdsa key in known_hosts, but SSHClient will let the Transport negotiate for an rsa key. Then it would consider a key of a non-corresponding type to be "missing". That situation is also now a BadHostKeyException. Before this change, a man-in-the-middle attack on the paramiko ssh client was possible by having only a host key type which differs from what the client has in known_hosts (and then giving any key of that type).