The host key rotation support sounds very nice, and something I've wanted for a long time:
> * ssh(1), sshd(8): Experimental host key rotation support. Add a protocol extension for a server to inform a client of all its available host keys after authentication has completed. The client may record the keys in known_hosts, allowing it to upgrade to better host key algorithms and a server to gracefully rotate its keys.
> The client side of this is controlled by a UpdateHostkeys config option (default off).
I wish it were on by default, but I guess they want to test it further before enabling it by default. It will remove the temptation to keep using old, weak or suspect keys just because of the hassle of having all the users update their keys or because the admins are afraid of training their users that the scary "HOST KEY HAS CHANGED!!!" warnings are normal and should be ignored.
I agree, it's an exciting feature with a lot of promise. It does have some potential for abuse, and I think defaulting to off is the proper choice. Even when it's no longer experimental, this is something I imagine you'd want to enable on a per server basis.
> * ssh(1), sshd(8): Experimental host key rotation support. Add a protocol extension for a server to inform a client of all its available host keys after authentication has completed. The client may record the keys in known_hosts, allowing it to upgrade to better host key algorithms and a server to gracefully rotate its keys.
> The client side of this is controlled by a UpdateHostkeys config option (default off).
I wish it were on by default, but I guess they want to test it further before enabling it by default. It will remove the temptation to keep using old, weak or suspect keys just because of the hassle of having all the users update their keys or because the admins are afraid of training their users that the scary "HOST KEY HAS CHANGED!!!" warnings are normal and should be ignored.