JoeKrogan@lemmy.world
on 18 Feb 2025 19:37
nextcollapse
Thanks for heads up.
admin@sh.itjust.works
on 19 Feb 2025 03:48
collapse
“The attack against the OpenSSH client (CVE-2025-26465) succeeds regardless of whether the VerifyHostKeyDNS option is set to “yes” or “ask” (its default is “no”), requires no user interaction, and does not depend on the existence of an SSHFP resource record (an SSH fingerprint) in DNS,” explains Qualys.
threaded - newest
Thanks for heads up.
Thankfully is not enabled by default…