From unknown Fri May 08 13:25:23 2026 X-Loop: owner@bugs.x2go.org Subject: Bug#746: X2Go Client starts with --add-to-known-hosts Reply-To: Mike Gabriel , 746@bugs.x2go.org Resent-From: Mike Gabriel Resent-To: x2go-dev@lists.x2go.org Resent-CC: owner@bugs.x2go.org X-Loop: owner@bugs.x2go.org Resent-Date: Fri, 16 Jan 2015 12:50:03 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: report 746 X-X2Go-PR-Package: x2gothinclient-minidesktop X-X2Go-PR-Keywords: Received: via spool by submit@bugs.x2go.org id=B.142141238525609 (code B); Fri, 16 Jan 2015 12:50:03 +0000 Received: (at submit) by bugs.x2go.org; 16 Jan 2015 12:46:25 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 05D655DEA3 for ; Fri, 16 Jan 2015 13:46:24 +0100 (CET) Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98]) by freya.das-netzwerkteam.de (Postfix) with ESMTPS id A500B16EE for ; Fri, 16 Jan 2015 13:46:23 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 941D93C09A for ; Fri, 16 Jan 2015 13:46:23 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de Received: from grimnir.das-netzwerkteam.de ([127.0.0.1]) by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0-y5z+N4UmOI for ; Fri, 16 Jan 2015 13:46:23 +0100 (CET) Received: from grimnir.das-netzwerkteam.de (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTPS id 751E03BAB6 for ; Fri, 16 Jan 2015 13:46:23 +0100 (CET) Received: from bifrost.das-netzwerkteam.de (bifrost.das-netzwerkteam.de [178.62.101.154]) by mail.das-netzwerkteam.de (Horde Framework) with HTTP; Fri, 16 Jan 2015 12:46:23 +0000 Date: Fri, 16 Jan 2015 12:46:23 +0000 Message-ID: <20150116124623.Horde.m9WbB9VwPSckxbEdKHwFnA1@mail.das-netzwerkteam.de> From: Mike Gabriel To: submit@bugs.x2go.org User-Agent: Internet Messaging Program (IMP) H5 (6.2.2) Accept-Language: en,de Organization: DAS-NETZWERKTEAM X-Originating-IP: 178.62.101.154 X-Remote-Browser: Mozilla/5.0 (X11; Linux x86_64; rv:32.0) Gecko/20100101 Firefox/32.0 Iceweasel/32.0 Content-Type: multipart/signed; boundary="=_aXH2Q14EvTqdDVzlonwhDQ1"; protocol="application/pgp-signature"; micalg=pgp-sha1 MIME-Version: 1.0 This message is in MIME format and has been PGP signed. --=_aXH2Q14EvTqdDVzlonwhDQ1 Content-Type: text/plain; charset=UTF-8; format=flowed; DelSp=Yes Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Package: x2gothinclient-minidesktop In X2Go TCE setups, X2Go Client always starts with option=20=20 --add-to-known-hosts.=20Thus, the host key of a remote server X2Go=20=20 Server=20gets never verified by the end user. A proper solution would be to provide SSH known_hosts keys of known=20=20 X2Go=20Servers inside a TCE/chroot system-wide known_hosts file. Mike --=20 DAS-NETZWERKTEAM mike=20gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.x= fb --=_aXH2Q14EvTqdDVzlonwhDQ1 Content-Type: application/pgp-signature Content-Description: Digitale PGP-Signatur Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAABAgAGBQJUuQgfAAoJEJr0azAldxsx2+8P/ibWhNp3utmtyg2/SGGXXb+W 6AlLhii9riQr73SUzdZ1KoeUZJzsluvIWYH9y2spOAdPKiTOXSHQiqHk7bR2wA5O FujCDMQPv3hQeTLyKJ6d5kftJ/UkkvjD2ZjfLZWDj9vCiE2yv7qOVgkS1IPCCyh6 MDPR9OB9E5AO0dNfnYtOfIAndhH1+DP7zWTSdu30WhD22dYXjaRz1N4/rgoEaCM9 VkAI/Pe2vLf1IivLIwqjaJpnTSrTS4WUfPXw5V6iqehse29qtd/yaBsG4EXdH5B3 Lk+qeHzHv+G2G/Ysn5hPGOOTebOCNk7g1oTA7ujyEgqLp9Td16rR3Kyf8UT0+DZv DhvD7BZ+0IfQ1+alhxxTfgO6yFaF2jxW7EfPknMc+gvVWE7AQn+rIoSZ4v5sL27h bz5kHkyo5Le+AK0+hqHwgDSNKPLrpzLVRWtnP6bEa+hoyAO8o5RhQkrp4zvQAcDV EqSeVZrbOWmtPdS6+9Sau0NpIsWkK75Keu8eH/pvF70WU3xjqEDaS2XWIQi8RJPt EZO1u9xZBTCE/dDDzSLxOL8c4YDDCb3Aizi6tTTxLajXn1WjfxJfn8wzZ/VqOPUs mTRKEnzHlK7eRVavr5APv0yLSbpKQ6EcDbxa2G35cvCYIiliLb0Nu3qetDg9E49L SGc+kmoUKYGpyPEN4pNi =+a2f -----END PGP SIGNATURE----- --=_aXH2Q14EvTqdDVzlonwhDQ1--