bugzilla-daemon at bugzilla.mindrot.org
2008-Jun-12 13:50 UTC
[Bug 1476] New: .ssh/known_hosts does not save port number
https://bugzilla.mindrot.org/show_bug.cgi?id=1476
Summary: .ssh/known_hosts does not save port number
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.0p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: minor
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: parasietje at gmail.com
Problem: .ssh/known_hosts does not save the port number, only the
IP/hostname. Thus, multiple ssh-servers on the same IP will cause key
collisions.
Recreate:
Run sshd1 with certificate1 on port 2221
Run sshd2 with certificate2 on port 2222
Connect to localhost, port 2221.
The server certificate is added to .ssh/known_hosts
Connect to localhost, port 2222
Ssh reports REMOTE HOST KEY CHANGED
Expected behavior:
Ssh makes a difference between the ssh-server on port 2221, and the one
on port 2222.
Known workaround:
Use HostKeyAlias to define an alias for the host on port 2221, and for
the host on port 2222.
It would be a lot better if the port number were included in the
.ssh/known_hosts as well.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Jun-12 17:16 UTC
[Bug 1476] .ssh/known_hosts does not save port number
https://bugzilla.mindrot.org/show_bug.cgi?id=1476
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at zip.com.au
--- Comment #1 from Darren Tucker <dtucker at zip.com.au> 2008-06-13
03:16:00 ---
Thats' odd, because that's been there for a while. What exact version
are you using (ie what does ssh -V say?)
Using a server with a different key on port 2222 on "myserver" with a
5.0p1 client, I get:
$ ssh -o userknownhostsfile=/tmp/known myserver
The authenticity of host '[myserver]:2222 ([192.168.32.1]:2222)'
can't
be established.
[...]
and /tmp/known contains:
[myserver]:2222,[192.168.32.1]:2222 ssh-rsa AAAAB3Nz[...]
Be aware that using the default port does not add a port number, and if
a matching host key is found without a port then it is used even if
you're connecting on a nonstandard port (this is for backward
compatibility).
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Jun-13 00:04 UTC
[Bug 1476] .ssh/known_hosts does not save port number
https://bugzilla.mindrot.org/show_bug.cgi?id=1476
parasietje at gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WORKSFORME
--- Comment #2 from parasietje at gmail.com 2008-06-13 10:03:56 ---
I did not use the latest version. Terrible apologies for wasting your
time!
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Jul-22 02:24 UTC
[Bug 1476] .ssh/known_hosts does not save port number
https://bugzilla.mindrot.org/show_bug.cgi?id=1476
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #3 from Damien Miller <djm at mindrot.org> 2008-07-22
12:24:56 ---
Mass update RESOLVED->CLOSED after release of openssh-5.1
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.