$ man sshd
[..]
SSH_KNOWN_HOSTS FILE FORMAT
The /etc/ssh_known_hosts and ~/.ssh/known_hosts files contain host public
keys for all known hosts. The global file should be
prepared by the administrator (optional), and the per-user file is
maintained automatically: whenever the user connects from an
unknown host, its key is added to the per-user file.
Each line in these files contains the following fields: hostnames, bits,
exponent, modulus, comment. The fields are separated by
spaces.
Hostnames is a comma-separated list of patterns (`*' and `?' act as
wildcards); each pattern in turn is matched against the
canonical host name (when authenticating a client) or against the
user-supplied name (when authenticating a server). A pattern
may also be preceded by `!' to indicate negation: if the host name
matches a negated pattern, it is not accepted (by that line)
even if it matched another pattern on the line. A hostname or address may
optionally be enclosed within `[' and `]' brackets
then followed by `:' and a non-standard port number.
.. This has been in since 2006. Bug:
https://bugzilla.mindrot.org/show_bug.cgi?id=910
- Ben
On Jun 2, 2010, at 7:49 AM, Alex Bligh wrote:
> Is there a good reason why known_hosts stores the address of the server
> but not the port? This is annoying when one host is running more than
> one instance of openssh with different ports and different keys, or
> (less tractably) when a NAT in front of multiple hosts multiplexes
> which host is connected to by port number. I see no immediate security
> implication in fixing this, but am I missing something?
>
> --
> Alex Bligh
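The hostnames-field matching quoted from the man page above, including the `[host]:port` form and `!` negation, as an added Python sketch; it is not code from this thread or from OpenSSH. The function names and sample entries are hypothetical, and hashed entries and marker lines are assumed absent.

```python
import re

DEFAULT_PORT = 22

def lookup_name(host, port=DEFAULT_PORT):
    """Name to look up: bare host on port 22, otherwise [host]:port."""
    return host if port == DEFAULT_PORT else f"[{host}]:{port}"

def _wild_to_regex(pattern):
    # Only '*' and '?' are wildcards; '[' and ']' must stay literal, which is
    # why fnmatch (it reads [..] as a character class) is not used here.
    parts = []
    for ch in pattern:
        parts.append(".*" if ch == "*" else "." if ch == "?" else re.escape(ch))
    return re.compile("".join(parts))

def hostnames_match(field, name):
    """Apply one comma-separated hostnames field to a lookup name."""
    matched = False
    for pat in field.split(","):
        negated = pat.startswith("!")
        if negated:
            pat = pat[1:]
        if _wild_to_regex(pat).fullmatch(name):
            if negated:
                return False  # a negated match rejects the whole line
            matched = True
    return matched

def keys_for(known_hosts_text, host, port=DEFAULT_PORT):
    """Return the key fields of every line whose hostnames field matches."""
    name = lookup_name(host, port)
    found = []
    for line in known_hosts_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        field, _, rest = line.partition(" ")
        if hostnames_match(field, name):
            found.append(rest)
    return found

# Constructed entries; key material is replaced by placeholders.
SAMPLE = """\
gw.example.org ssh-rsa KEY-PORT-22
[gw.example.org]:2222 ssh-rsa KEY-PORT-2222
*.lab.example.org,!bad.lab.example.org ssh-rsa KEY-LAB
"""
```

With these entries, two sshd instances on the same address but different ports resolve to different keys, which is the case raised in the question.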