From de9d7274f23e7d9168d205b8ebf3546492797383 Mon Sep 17 00:00:00 2001
From: "W. Trevor King" <wking@drexel.edu>
Date: Thu, 15 Dec 2011 19:32:33 -0500
Subject: [PATCH] Add OpenSSH and ECDSA post.

---
 posts/OpenSSH_and_ECDSA.mdwn | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 posts/OpenSSH_and_ECDSA.mdwn

diff --git a/posts/OpenSSH_and_ECDSA.mdwn b/posts/OpenSSH_and_ECDSA.mdwn
new file mode 100644
index 0000000..fdd9441
--- /dev/null
+++ b/posts/OpenSSH_and_ECDSA.mdwn
@@ -0,0 +1,19 @@
+OpenSSH since 5.7 prefers ECDSA over RSA and DSA keys, but you may get
+errors such as:
+
+    Error calculating host key fingerprint.
+    ...
+    The fingerprint for the ECDSA key sent by the remote host is
+    ...
+    Offending RSA key in /home/troll/.ssh/known_hosts:10
+    ...
+
+There seems to be no way to use the old RSA public key in you
+`known_hosts` to automatically trust the new ECDSA key.  You'll have
+to either copy `/etc/ssh/ssh_host_ecdsa_key.pub` into your
+`known_hosts` file by hand, or do the usual
+[[fingerprinting|fingerprints]].
+
+See [Phil Pennock's (the Grumpy Troll) post][gt] for more details 
+
+[gt]: http://bridge.grumpy-troll.org/2011/01/openssh.html
-- 
2.26.2