http://bugzilla.mindrot.org/show_bug.cgi?id=910

           Summary: known_hosts port numbers
           Product: Portable OpenSSH
           Version: 3.7.1p2
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ssh
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: devin.nate at bridgecomm.net

At our sites, we have many situations where we hide many SSH hosts behind a
single IP address, where a Firewall is doing NAT and port forwarding. For
example, we may have 3 hosts (each with different host keys), A, B, and C.

For example:

Host A: 1.1.1.1 port 2222
Host B: 1.1.1.1 port 22
Host C: 1.1.1.1 port 2020

Unfortunately, the known_hosts file only records the IP address of the
machine, and therefore if a person connects to host A, accepts the host key,
and then tries to connect to host B or host C, they will get a message
indicating that the host key has changed.

In our production environment, we force our users to use strict host key
checking, and they don't have direct access to their known_hosts file.

This bug/feature request is for the inclusion of the port number in the
known_hosts file. I'd recommend in the known_hosts format:

ip.ip.ip.ip:port ... ...

where the :port is new, and if not specified defaults to port 22.

Thanks,
Devin Nate
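The collision described in the report, and the effect of keying on address and port, as an added example that is not part of the original report and is not OpenSSH code. The "ip:port" line format is the reporter's proposal; the function names and the KEY-A/KEY-B/KEY-C placeholders are hypothetical.

```python
DEFAULT_PORT = 22  # the report's proposed default when ":port" is omitted

# Constructed sample in the format proposed in the report ("ip:port keytype key").
# Key blobs are placeholders, not real host keys.
SAMPLE = """\
1.1.1.1:2222 ssh-rsa KEY-A
1.1.1.1 ssh-rsa KEY-B
1.1.1.1:2020 ssh-rsa KEY-C
"""

def parse_entry(line):
    """Return ((host, port), (keytype, key)) for one proposed-format line.
    Assumes IPv4 or hostname; a bare ':' split would misparse IPv6 literals."""
    hostspec, keytype, key = line.split()[:3]
    host, sep, port = hostspec.partition(":")
    return (host, int(port) if sep else DEFAULT_PORT), (keytype, key)

def load(text, port_aware):
    """Build the lookup table. With port_aware=False every entry collapses onto
    the bare address, and the first key accepted for it is the one kept."""
    table = {}
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        (host, port), key = parse_entry(line)
        table.setdefault((host, port if port_aware else None), key)
    return table

def check(table, host, port, offered, port_aware):
    """Strict host key check: 'ok', 'changed' (refuse), or 'unknown' (refuse)."""
    known = table.get((host, port if port_aware else None))
    if known is None:
        return "unknown"
    return "ok" if known == offered else "changed"

if __name__ == "__main__":
    for aware in (False, True):
        table = load(SAMPLE, aware)
        for port, key in ((2222, "KEY-A"), (22, "KEY-B"), (2020, "KEY-C")):
            print(aware, port, check(table, "1.1.1.1", port, ("ssh-rsa", key), aware))
```

With address-only keys, hosts B and C are reported as changed after A is accepted; with address-and-port keys each host verifies against its own entry, and a wrong key on any one port is still flagged.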