openssh bugs - Apr 2022 - [Bug 3407] ssh-keyscan can't find hostname in 8.9 while finds in 8.8 (keygen or keyscan issue) when port is used

https://bugzilla.mindrot.org/show_bug.cgi?id=3407

            Bug ID: 3407
           Summary: ssh-keyscan can't find hostname in 8.9 while finds in
                    8.8 (keygen or keyscan issue) when port is used
           Product: Portable OpenSSH
           Version: 8.9p1
          Hardware: amd64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: ssh-keygen
          Assignee: unassigned-bugs at mindrot.org
          Reporter: arekm at maven.pl

Is ssh-keygen generating something incorrectly when port is used?

8.8p1 behaviour, find something when querying without port (but not
with port):

$ ssh-keyscan -p24 -H localhost > x
# localhost:24 SSH-2.0-OpenSSH_8.8
# localhost:24 SSH-2.0-OpenSSH_8.8
# localhost:24 SSH-2.0-OpenSSH_8.8
# localhost:24 SSH-2.0-OpenSSH_8.8
# localhost:24 SSH-2.0-OpenSSH_8.8

$ ssh-keygen -F localhost -f x
# Host localhost found: line 1
|1|bgKXcPS8/7Gu205qEvRPtD0keuo=|euMjJeWHk/lrQUj6FFKWs+PMuIs= ssh-rsa
AAAAB3NzaC1yc2EAAAABIwAAAQEA69uUvZ2ytAeV6j+K+XAUcg3VjHDcnCeMJhpHWfbjg19VreEhHF4Q9Mqma52rO7Ek3o2H6HtGoA9xFJkq0Qh8najATJXOgWu5j8Sce0BSHrSgBcjc9qSLFuB0scksc3GtaebNfVW2wkMN2bKIgcUYWr7PoegUb2mPCqA+/9uCNmcTkary7fzlNWGGwfkymqPgnEmQi95fYg3iGngbocmTPYAieQx95naeA2qmAflSo1CkA35uv7XYAHUGb4mM+h02rz8fTyYx6UFahDOMVdRDD5dXhwrqE8w6ZupKOzLgYNwvJsNW6c7iXcGijBSN24dn2KUGqVwHriq6oEei4Gbdpw=#
Host localhost found: line 2
|1|aSrZkQOhADoYhvmgw8uPQOSDxzk=|ddeO9drGbpfJmuiTUCWFtJT7i4wecdsa-sha2-nistp256
AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAbLZGODREQwfd0w8DRhWZoBYgPnPWDfs7PeLxV+2CpJNTujVAmFUFBdjlIhb7WdtHaZZBV8b0r9X0Ky3qyoYuM#
Host localhost found: line 3
|1|bm4X5CEL/A2V5NZwjlBC1ZGHcYA=|TYNkBmtPeFC+Zc3y292nEayiGAQssh-ed25519
AAAAC3NzaC1lZDI1NTE5AAAAILBcofK3yv+1Ypo1s4L2sJy9TOBietyTQGIBw+QE+I+F

$ ssh-keygen -F localhost:24 -f x
$

$ ssh -V
OpenSSH_8.8p1, OpenSSL 3.0.1 14 Dec 2021


and 8.9p1 behaviour, nothing is found in "with and without port"
variants:

$ ssh-keyscan -p24 -H localhost > x
# localhost:24 SSH-2.0-OpenSSH_8.9
# localhost:24 SSH-2.0-OpenSSH_8.9
# localhost:24 SSH-2.0-OpenSSH_8.9
# localhost:24 SSH-2.0-OpenSSH_8.9
# localhost:24 SSH-2.0-OpenSSH_8.9

$ ssh-keygen -F localhost -f x
$

$ ssh-keygen -F localhost:24 -f x
$

$ ssh -V
OpenSSH_8.9p1, OpenSSL 3.0.1 14 Dec 2021


Now 8.9p1 with x file generated with ssh-keygen 8.8p1 works like this:
ssh-keygen -F localhost -f x8.9

but 8.8p1 with x file generated by ssh-keygen 8.9p1 fails to find
anything.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=3407

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Could you run ssh-keyscan with the debugging verbosity turned up and
attach the output for a failed 8.9 session? Adding -vvv to the
arguments will do this

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=3407

--- Comment #2 from Arkadiusz Mi?kiewicz <arekm at maven.pl> ---
Created attachment 3584
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3584&action=edit
ssh-keyscan -vv -p24 -H localhost

"ssh-keyscan -vv -p24 -H localhost" log

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=3407

--- Comment #3 from Damien Miller <djm at mindrot.org> ---
Ah, it's probably the fix for bug #3367
https://github.com/openssh/openssh-portable/commit/e9c71498a08

Before 8.9, ssh-keyscan would not include the port in the hash as ssh
does. If you use a non-default port now, then it is included in the
hash just as if it was added by "ssh -p24 localhost"

[djm at neko openssh]$ ./ssh-keyscan -Hp 2222 localhost > /tmp/x
# localhost:2222 SSH-2.0-OpenSSH_8.9
[djm at neko openssh]$ ssh-keygen -f /tmp/x -F localhost
[djm at neko openssh]$ ssh-keygen -lf /tmp/x -F "[localhost]:2222"
# Host [localhost]:2222 found: line 1 
[localhost]:2222 RSA SHA256:llyZXQpeXErA3hDjef4lD5vVgsKOLEas0tKMrNSheNw

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=3407

Arkadiusz Mi?kiewicz <arekm at maven.pl> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |INVALID

--- Comment #4 from Arkadiusz Mi?kiewicz <arekm at maven.pl> ---
So not a bug and 'localhost:24' is not supported ([] is mandatory).

Indeed, works with []:port.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=3407

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #5 from Damien Miller <djm at mindrot.org> ---
closing bug resolved during openssh-9.0 release cycle

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.