bugzilla-daemon at bugzilla.mindrot.org
2008-Jun-12 13:50 UTC
[Bug 1476] New: .ssh/known_hosts does not save port number
https://bugzilla.mindrot.org/show_bug.cgi?id=1476

           Summary: .ssh/known_hosts does not save port number
    Classification: Unclassified
           Product: Portable OpenSSH
           Version: 5.0p1
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: minor
          Priority: P2
         Component: ssh
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: parasietje at gmail.com

Problem:
.ssh/known_hosts does not save the port number, only the IP/hostname. Thus, multiple ssh-servers on the same IP will cause key collisions.

Recreate:
Run sshd1 with certificate1 on port 2221
Run sshd2 with certificate2 on port 2222
Connect to localhost, port 2221. The server certificate is added to .ssh/known_hosts
Connect to localhost, port 2222
Ssh reports REMOTE HOST KEY CHANGED

Expected behavior:
Ssh makes a difference between the ssh-server on port 2221, and the one on port 2222.

Known workaround:
Use HostKeyAlias to define an alias for the host on port 2221, and for the host on port 2222.

It would be a lot better if the port number were included in the .ssh/known_hosts as well.

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Jun-12 17:16 UTC
[Bug 1476] .ssh/known_hosts does not save port number
https://bugzilla.mindrot.org/show_bug.cgi?id=1476

Darren Tucker <dtucker at zip.com.au> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dtucker at zip.com.au

--- Comment #1 from Darren Tucker <dtucker at zip.com.au> 2008-06-13 03:16:00 ---
That's odd, because that's been there for a while. What exact version are you using (i.e. what does ssh -V say?)

Using a server with a different key on port 2222 on "myserver" with a 5.0p1 client, I get:

$ ssh -o userknownhostsfile=/tmp/known myserver
The authenticity of host '[myserver]:2222 ([192.168.32.1]:2222)' can't be established.
[...]

and /tmp/known contains:

[myserver]:2222,[192.168.32.1]:2222 ssh-rsa AAAAB3Nz[...]

Be aware that using the default port does not add a port number, and if a matching host key is found without a port then it is used even if you're connecting on a nonstandard port (this is for backward compatibility).
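The lookup behaviour described in Comment #1, as an added example that is not part of the thread and not OpenSSH's own code. It is a simplified model: it assumes port-specific entries are consulted before the portless fallback, skips hashed names, wildcards and @markers, and the sample file and its key blobs are constructed placeholders.

```python
# Added example: simplified model of known_hosts lookup, not OpenSSH source.
# Hashed (|1|...) names, wildcards and @markers are out of scope and skipped.

DEFAULT_PORT = 22

def host_token(host, port):
    """Name form stored in known_hosts: bare for port 22, [host]:port otherwise."""
    return host if port == DEFAULT_PORT else f"[{host}]:{port}"

def parse_known_hosts(text):
    """Yield (set_of_names, keytype, key) for each plain entry."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "@", "|")):
            continue
        fields = line.split()
        if len(fields) < 3:
            continue
        yield set(fields[0].split(",")), fields[1], fields[2]

def lookup(text, host, port):
    """Return (keys, how); how is 'exact', 'portless-fallback' or 'unknown'."""
    entries = list(parse_known_hosts(text))
    exact = host_token(host, port)
    keys = [(t, k) for names, t, k in entries if exact in names]
    if keys:
        return keys, "exact"
    if port != DEFAULT_PORT:
        # Backward-compatibility case: a portless entry also matches
        # a connection to a nonstandard port on the same host.
        keys = [(t, k) for names, t, k in entries if host in names]
        if keys:
            return keys, "portless-fallback"
    return [], "unknown"

# Constructed sample file; key blobs are placeholders, not real keys.
SAMPLE = """\
[myserver]:2222,[192.168.32.1]:2222 ssh-rsa KEY_A_PLACEHOLDER
otherhost ssh-rsa KEY_B_PLACEHOLDER
"""
```

A "portless-fallback" result marks the case where the key recorded for the default port is also accepted on another port; the HostKeyAlias workaround from the original report gives each service its own known_hosts name instead.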
bugzilla-daemon at bugzilla.mindrot.org
2008-Jun-13 00:04 UTC
[Bug 1476] .ssh/known_hosts does not save port number
https://bugzilla.mindrot.org/show_bug.cgi?id=1476

parasietje at gmail.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |WORKSFORME

--- Comment #2 from parasietje at gmail.com 2008-06-13 10:03:56 ---
I did not use the latest version. Terrible apologies for wasting your time!
bugzilla-daemon at bugzilla.mindrot.org
2008-Jul-22 02:24 UTC
[Bug 1476] .ssh/known_hosts does not save port number
https://bugzilla.mindrot.org/show_bug.cgi?id=1476

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #3 from Damien Miller <djm at mindrot.org> 2008-07-22 12:24:56 ---
Mass update RESOLVED->CLOSED after release of openssh-5.1