bugzilla-daemon at mindrot.org
2023-Dec-12 17:32 UTC
[Bug 3643] New: order_hostkeyalgs can't find host-key in KnownHostsCommand if it contains port
https://bugzilla.mindrot.org/show_bug.cgi?id=3643

            Bug ID: 3643
           Summary: order_hostkeyalgs can't find host-key in KnownHostsCommand if it contains port
           Product: Portable OpenSSH
           Version: 9.5p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: glance+mindrot at ac2.se

I have a KnownHostsCommand which emits:

    [targethost]:1234 ssh-rsa ...

ssh -vvv -o KnownHostsCommand=cmd -p 1234 targethost shows:

    ...
    debug1: Authenticating to targethost:9022 as 'user'
    debug3: put_host_port: [targethost]:9022
    debug3: subprocess: KnownHostsCommand-ORDER command "cmd" running as user (flags 0x1a)
    debug3: subprocess: KnownHostsCommand-ORDER pid 12345
    debug3: sigaction(Killed): Invalid argument
    debug3: sigaction(Stopped (signal)): Invalid argument
    debug3: sigaction(Unknown signal 32): Invalid argument
    debug3: sigaction(Unknown signal 33): Invalid argument
    debug3: order_hostkeyalgs: no algorithms matched; accept original

I've diagnosed this down to sshconnect2.c:142:

    load_hostkeys_command(hostkeys, options.known_hosts_command, "ORDER", cinfo, NULL, host);

It calls load_hostkeys_command with host, which in this context is just targethost and not hostname that will in this context be [targethost]:1234.

Right above the load_hostkeys_command are the load_hostkeys calls which use hostname instead.

I'm guessing this is just a simple typo from development which caused it to not work in the special case where one has a not preferred ssh-host-key with a port in a KnownHostsCommand.

If the ssh-host-key the KnownHostsCommand emitted would be the preferred one, ssh-ed25519, it would by accident, or if the default port was used.
bugzilla-daemon at mindrot.org
2023-Dec-12 17:33 UTC
[Bug 3643] order_hostkeyalgs can't find host-key in KnownHostsCommand if it contains port
https://bugzilla.mindrot.org/show_bug.cgi?id=3643

--- Comment #1 from Anton Lundin <glance+mindrot at ac2.se> ---
Sorry for the inconsistent port number in the redacted log-snippet.

s/1234/9022/ and everything is ok.
bugzilla-daemon at mindrot.org
2023-Dec-12 23:25 UTC
[Bug 3643] order_hostkeyalgs can't find host-key in KnownHostsCommand if it contains port
https://bugzilla.mindrot.org/show_bug.cgi?id=3643

Damien Miller <djm at mindrot.org> changed:

                  What |Removed                         |Added
----------------------------------------------------------------------------
              Assignee |unassigned-bugs at mindrot.org |djm at mindrot.org
                    CC |                                |djm at mindrot.org, dtucker at dtucker.net
                Status |NEW                             |ASSIGNED
Attachment #3775 Flags |                                |ok?(dtucker at dtucker.net)

--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Created attachment 3775
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3775&action=edit
use hostaddr (host[:port]) instead of plain host
bugzilla-daemon at mindrot.org
2023-Dec-13 02:16 UTC
[Bug 3643] order_hostkeyalgs can't find host-key in KnownHostsCommand if it contains port
https://bugzilla.mindrot.org/show_bug.cgi?id=3643

Darren Tucker <dtucker at dtucker.net> changed:

                  What |Removed                         |Added
----------------------------------------------------------------------------
Attachment #3775 Flags |ok?(dtucker at dtucker.net)     |ok+
bugzilla-daemon at mindrot.org
2023-Dec-13 03:30 UTC
[Bug 3643] order_hostkeyalgs can't find host-key in KnownHostsCommand if it contains port
https://bugzilla.mindrot.org/show_bug.cgi?id=3643

Damien Miller <djm at mindrot.org> changed:

                  What |Removed                         |Added
----------------------------------------------------------------------------
            Resolution |---                             |FIXED
                Status |ASSIGNED                        |RESOLVED
                Blocks |                                |3628

--- Comment #3 from Damien Miller <djm at mindrot.org> ---
committed with the name fixed - it should be 'hostname' instead of 'hostaddr'

Thanks - this will be in OpenSSH 9.6, due next week.

Referenced Bugs:

https://bugzilla.mindrot.org/show_bug.cgi?id=3628
[Bug 3628] tracking bug for openssh-9.6
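The mismatch reported in this thread, as an added example that is not part of the original messages and is not OpenSSH's code: a simplified model of an exact-match known_hosts lookup, showing that a line keyed [targethost]:9022 is missed when the ORDER lookup uses the plain host and found when it uses the bracketed host:port form (the hostname value the committed fix passes). The function names, the sample line and the matching rules (no wildcards, no hashed hosts) are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of the lookup name: plain host on the default port (22),
 * "[host]:port" otherwise (the form put_host_port prints in the log above). */
static void lookup_name(const char *host, int port, char *out, size_t len)
{
    if (port == 0 || port == 22)
        snprintf(out, len, "%s", host);
    else
        snprintf(out, len, "[%s]:%d", host, port);
}

/* Return 1 if `name` exactly equals one comma-separated entry in the first
 * field of a known_hosts-style line, copying the key type (second field)
 * into keytype. Hypothetical helper: no wildcard or hashed-host support. */
static int line_matches(const char *line, const char *name,
    char *keytype, size_t len)
{
    char hosts[256], type[64], *tok;

    if (sscanf(line, "%255s %63s", hosts, type) != 2)
        return 0;
    for (tok = strtok(hosts, ","); tok != NULL; tok = strtok(NULL, ","))
        if (strcmp(tok, name) == 0) {
            snprintf(keytype, len, "%s", type);
            return 1;
        }
    return 0;
}

/* Constructed sample of what the reporter's KnownHostsCommand emits. */
static const char SAMPLE[] = "[targethost]:9022 ssh-rsa AAAA...constructed";

/* 1 if the ORDER lookup for `name` finds a key type to prefer, else 0. */
static int order_lookup(const char *name, char *keytype, size_t len)
{
    return line_matches(SAMPLE, name, keytype, len);
}

int main(void)
{
    char name[300], type[64] = "";

    lookup_name("targethost", 9022, name, sizeof(name));
    printf("targethost -> %d\n", order_lookup("targethost", type, sizeof(type)));
    printf("%s -> %d (%s)\n", name, order_lookup(name, type, sizeof(type)), type);
    return 0;
}
```

With the plain host the lookup returns no key type, which corresponds to the "no algorithms matched; accept original" line in the reported log.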