Hi, I am using ssh-keyscan with a list of hosts, such as: ssh-keyscan -t rsa -f hosts_for_keyscan Some of the hosts in the list have dsa, but no rsa keys. For such hosts, the command displays: no hostkey alg When this is the case for 2 hosts, this message appears twice AND SSH-KEYSCAN STOPS QUERYING, which means that no keys at all are returned for the following hosts. Here is the part of the trace corresponding to the problem. In this example hosts 157.159.100.120 and 157.159.100.122 have dsa but no rsa keys. (The problem is even more annoying if I use ssh-keyscan -t rsa1,rsa,dsa, because after the 2 hosts the whole command stops and NO RSA1 KEYS AT ALL ARE RETRIEVED.) It seems that a function cleanup is called for the first host, and not the second one ? Patrick. -----> ssh-keyscan -v -t rsa -f hosts_for_keyscan > known_hosts_from_keyscan... # 157.159.100.120 SSH-1.99-OpenSSH_2.3.0p1 Enabling compatibility mode for protocol 2.0 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 none debug1: kex: client->server aes128-cbc hmac-md5 none no hostkey alg debug1: Calling cleanup 0x21ba0(0x0) debug1: Calling cleanup 0x21ba0(0x0) debug1: Calling cleanup 0x21ba0(0x0) debug1: Calling cleanup 0x21ba0(0x0) debug1: Calling cleanup 0x21ba0(0x0) debug1: Calling cleanup 0x21ba0(0x0) debug1: Calling cleanup 0x21ba0(0x0) debug1: Calling cleanup 0x21ba0(0x0) debug1: Calling cleanup 0x21ba0(0x0) debug1: Calling cleanup 0x21ba0(0x0) debug1: Calling cleanup 0x1c324(0x0) debug1: match: OpenSSH_2.3.0p1 pat ^OpenSSH_2\.3\.0 # 157.159.100.122 SSH-1.99-OpenSSH_2.3.0p1 Enabling compatibility mode for protocol 2.0 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 none debug1: kex: client->server aes128-cbc hmac-md5 none no hostkey alg debug1: writing PRNG seed to file /Users/teleinf4/patrick/.ssh/prng_seed
On Tue, Feb 12, 2002 at 06:37:11PM +0100, Patrick Maigron wrote:> When this is the case for 2 hosts, this message appears twice AND > SSH-KEYSCAN STOPS QUERYING, which means that no keys at all are > returned for the following hosts.does this happen with a recent snapshot, too?
On Tue, Feb 12, 2002 at 06:37:11PM +0100, Patrick Maigron wrote:> When this is the case for 2 hosts, this message appears twice AND > SSH-KEYSCAN STOPS QUERYING, which means that no keys at all are > returned for the following hosts.this ugly hack should help. fatal() cannot be called twice. Index: log.c ==================================================================RCS file: /cvs/openssh_cvs/log.c,v retrieving revision 1.19 diff -u -r1.19 log.c --- log.c 4 Jul 2001 04:46:58 -0000 1.19 +++ log.c 13 Feb 2002 12:48:35 -0000 @@ -228,16 +228,17 @@ (u_long) proc, (u_long) context); } +int ssh_fatal_cleanup_running = 0; + /* Cleanup and exit */ void fatal_cleanup(void) { struct fatal_cleanup *cu, *next_cu; - static int called = 0; - if (called) + if (ssh_fatal_cleanup_running) exit(255); - called = 1; + ssh_fatal_cleanup_running = 1; /* Call cleanup functions. */ for (cu = fatal_cleanups; cu; cu = next_cu) { next_cu = cu->next; Index: ssh-keyscan.c ==================================================================RCS file: /cvs/openssh_cvs/ssh-keyscan.c,v retrieving revision 1.37 diff -u -r1.37 ssh-keyscan.c --- ssh-keyscan.c 14 Nov 2001 21:40:45 -0000 1.37 +++ ssh-keyscan.c 13 Feb 2002 12:48:35 -0000 @@ -659,8 +659,12 @@ static void fatal_callback(void *arg) { - if (nonfatal_fatal) + extern int ssh_fatal_cleanup_running; + + if (nonfatal_fatal) { + ssh_fatal_cleanup_running = 0; longjmp(kexjmp, -1); + } } static void
On Wed, Feb 13, 2002 at 01:47:49PM +0100, Markus Friedl wrote:> On Tue, Feb 12, 2002 at 06:37:11PM +0100, Patrick Maigron wrote: > > When this is the case for 2 hosts, this message appears twice AND > > SSH-KEYSCAN STOPS QUERYING, which means that no keys at all are > > returned for the following hosts. > > this ugly hack should help. > > fatal() cannot be called twice.Great, it works out fine. Thanks for the (ugly but) rapid patch.