bugzilla-daemon at mindrot.org
2015-May-28 05:11 UTC
[Bug 1993] ssh tries to add keys to ~/.ssh/known_hosts though StrictHostKeyChecking yes is set
https://bugzilla.mindrot.org/show_bug.cgi?id=1993 --- Comment #5 from Darren Tucker <dtucker at zip.com.au> --- (In reply to Christoph Anton Mitterer from comment #4)> Hi guys. > > With version: 6.7p1 > > > Regarding my initial report: > > It *still* happens, that SSH automatically adds a key, i.e.: > $ echo > ~/.ssh/known_hosts > $ ssh -o StrictHostKeyChecking=no someHost > Warning: Permanently added the ECDSA host key for IP address > '2e01:2a6:b9:3823::2:1' to the list of known hosts. > (changed the IP/name for privacy reasons).Did you have an existing, valid hostkey with a different algorithm for that host? I suspect it's due to the hostkeys-00 at openssh.com method that advertises the other host key types after successful authentication. Can you run ssh -vvv and see if those appear immediately before the "key added" message?> - the name truncation no longer happens, but only since the message > is now a different one... so isn't that issue anyway gone?I found the truncation in comment #1, diff incoming.> Anyway,... you asked for some information about platform, etc. > I cannot give you these right now, since yesterday night I locked > myself out of the respective nodes, and I cannot fix this from at > home. > Stay tuned.[...]> Regarding comment #1: > Alex, you obviously confused the value no with yes... "no" is meant > to automatically add the key...Also with regard to that comment: "host 192.168.*,10.* StrictHostKeyChecking no But it has no effect when ssh'ing to any boxes in the defined networks." "Host" in ssh_config doesn't define a network, it defines a hostname as passed to the ssh command line. It should work if you specify an IP address on the command line. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
Possibly Parallel Threads
- [Bug 1993] ssh tries to add keys to ~/.ssh/known_hosts though StrictHostKeyChecking yes is set
- [Bug 1993] ssh tries to add keys to ~/.ssh/known_hosts though StrictHostKeyChecking yes is set
- [Bug 1993] ssh tries to add keys to ~/.ssh/known_hosts though StrictHostKeyChecking yes is set
- [Bug 1993] ssh tries to add keys to ~/.ssh/known_hosts though StrictHostKeyChecking yes is set
- [Bug 1993] ssh tries to add keys to ~/.ssh/known_hosts though StrictHostKeyChecking yes is set