Possibility to specify preferred host key algorithms
Date: Fri, 16 Aug 2019 13:47:58 +0000
In OpenSSH there exists the possibility to use the HostKeyAlgorithms option to specify which host key algorithms to use. When using curl/libcurl together with libssh2, there is however no counterpart to this option.
In a situation where curl is used with the --hostpubmd5 argument to communicate with a server (or libcurl, setting the CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 option) with for example one rsa key and one ecdsa key, the user of curl can not influence which key is actually used.
This might causes a problem when using the latest version of libssh2, since it allows more types of keys than before. It could be the case that a user expects an md5 fingerprint of an rsa key to be accepted, but now an ecdsa key is used instead, causing a mismatch.
With an option of setting a preferred host key algorithm, this problem could be avoided. Could this be a reasonable feature for curl/libcurl (and possibly libssh2)?