bugzilla-daemon at bugzilla.mindrot.org
2017-Mar-08 17:55 UTC
[Bug 2692] New: Hash does not include the port
https://bugzilla.mindrot.org/show_bug.cgi?id=2692 Bug ID: 2692 Summary: Hash does not include the port Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh-keyscan Assignee: unassigned-bugs at mindrot.org Reporter: josh.powers at canonical.com This was reported to Ubuntu and I wanted to follow up with the openssh maintainers as to the expected behavior to verify if this is in fact a bug. When running an ssh-keyscan with the -H option on a custom port the port is not included in the hash and is in plain text. For example: $ ssh-keyscan -H -p 2222 10.10.10.10 [|1|HASHED_IP]:2222 ssh-rsa MY_RSA_KEY If however I run ssh-keygen without the -H and then come back with ssh-keygen it will hash the port: $ ssh-keyscan -p 2222 10.10.10.10 > ~/.ssh/authorized_keys [10.10.10.10]:2222 ssh-rsa MY_RSA_KEY $ ssh-keygen -H -f ~/.ssh/authorized_keys $ cat ~/.ssh/authorized_keys |1|HASHED_IP_AND_PORT ssh-rsa MY_RSA_KEY Should ssh-keyscan also be hashing the port? -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Mar-10 02:42 UTC
[Bug 2692] Hash does not include the port
https://bugzilla.mindrot.org/show_bug.cgi?id=2692 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org, | |dtucker at zip.com.au Assignee|unassigned-bugs at mindrot.org |djm at mindrot.org Attachment #2956| |ok?(dtucker at zip.com.au) Flags| | --- Comment #1 from Damien Miller <djm at mindrot.org> --- Created attachment 2956 --> https://bugzilla.mindrot.org/attachment.cgi?id=2956&action=edit include port in ssh-keyscan hash ssh-keyscan is in error here. It's supposed to include the port in the hash as ssh and ssh-keygen do. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Mar-10 02:42 UTC
[Bug 2692] Hash does not include the port
https://bugzilla.mindrot.org/show_bug.cgi?id=2692 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |2647 Referenced Bugs: https://bugzilla.mindrot.org/show_bug.cgi?id=2647 [Bug 2647] Tracking bug for OpenSSH 7.5 release -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Mar-10 03:14 UTC
[Bug 2692] Hash does not include the port
https://bugzilla.mindrot.org/show_bug.cgi?id=2692 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2956|ok?(dtucker at zip.com.au) |ok+ Flags| | -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Mar-10 03:18 UTC
[Bug 2692] Hash does not include the port
https://bugzilla.mindrot.org/show_bug.cgi?id=2692 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Severity|enhancement |minor Resolution|--- |FIXED --- Comment #2 from Damien Miller <djm at mindrot.org> --- Patch applied. This will be in OpenSSH 7.5, due soon. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-Apr-06 02:26 UTC
[Bug 2692] Hash does not include the port
https://bugzilla.mindrot.org/show_bug.cgi?id=2692 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #3 from Damien Miller <djm at mindrot.org> --- Close all resolved bugs after release of OpenSSH 7.7. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.