Displaying 20 results from an estimated 29 matches for "canonicalizehostnam".
Did you mean:
canonicalizehostname
2020 May 20
7
CanonicalHostname and ssh connections through a jumphost
raf wrote:
> Warlich, Christof wrote:
> > ...
> > I want to be able to ssh to all internal hosts that live in the internal.sub.domain.net,
> > i.e. that are only accessible through the internal.sub.domain.net jumphost without
> > having to list each of these hosts somewhere, as they may frequently be added or
> > removed from the internal domain and without being
2016 Apr 03
6
[Bug 2562] New: CanonicalizeHostname causes duplicate LocalForward attempts
https://bugzilla.mindrot.org/show_bug.cgi?id=2562
Bug ID: 2562
Summary: CanonicalizeHostname causes duplicate LocalForward
attempts
Product: Portable OpenSSH
Version: 7.1p1
Hardware: ix86
OS: Mac OS X
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: unas...
2014 Jan 19
1
For the default of CanonicalizeFallbackLocal
...Specifies whether to fail with an error when hostname canonical-
ization fails. The default, ?no?, will attempt to look up the
unqualified hostname using the system resolver?s search rules. A
value of ?yes? will cause ssh(1) to fail instantly if
CanonicalizeHostname is enabled and the target hostname cannot be
found in any of the domains specified by CanonicalDomains.
but, I think in the "yes".
In the source code...
1476 initialize_options(Options * options)
1477 {
1561 options->canonicalize_fallback_local = -1;
1563 }
1571 fill...
2014 Aug 30
14
[Bug 2267] New: Host matching uses modified hostname as well as original
...sections that match the *new*
hostname. Arguably this behaviour might be useful, but it's a
significant functional change.
There is also a documentation bug here: the description of Host says
that even canonicalisation will not change the behaviour of Host
matching, whereas the description of CanonicalizeHostname says that it
will! But even with canonicalisation on, only canonicalised hostnames
should be matched, not any explicit changes specfied by HostName.
More worryingly, the problem seems to affect "Match OriginalHost",
which is also documented only ever to match the text that was given on...
2023 Apr 01
1
[Bug 3555] New: ForwardAgent doesn't work under Match canonical
...: Portable OpenSSH
Version: 8.4p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: gomez404 at gmail.com
When using CanonicalizeHostname, the ForwardAgent directive doesn't
seem to work under Match canonical.
e.g.
-----
Host bastion
ProxyJump none
Match canonical
ProxyJump bastion
ForwardAgent yes
Host *
ForwardAgent no
CanonicalizeHostname always
CanonicalDomains mydomain.co.uk
CanonicalizeMaxDot...
2013 Oct 23
1
ProxyCommand brokent in recent snapshots
Hello,
While testing recent snapshots (20131023 and 20131024) I encountered a
problem with ProxyCommand. The regression tests all passed, but the use
of ProxyCommand's in my ~/.ssh/config resulted in name resolution
errors; even if CanonicalizeHostname was explicitly set to "no."
The patch included inline below fixed the issue:
Index: ssh.c
===================================================================
RCS file: /cvs/openssh/ssh.c,v
retrieving revision 1.386
diff -u -r1.386 ssh.c
--- ssh.c 23 Oct 2013 05:31:11 -0000 1.386
+++ ss...
2015 Feb 21
3
[Bug 2356] New: inheritance of options not working as documented + HostName leads to recursive reparsing isn't documented
https://bugzilla.mindrot.org/show_bug.cgi?id=2356
Bug ID: 2356
Summary: inheritance of options not working as documented +
HostName leads to recursive reparsing isn't documented
Product: Portable OpenSSH
Version: 6.7p1
Hardware: All
OS: All
Status: NEW
Severity: normal
2017 Mar 01
2
Slow connects due to out-of-context DNS lookup
...rk properly.
Is there a way to suppress this DNS lookup happening locally, when using
ProxyCommand?
Is this in the same set of things being discussed at
http://marc.info/?l=openssh-unix-dev&m=139556798100796&w=2
and https://bugzilla.mindrot.org/show_bug.cgi?id=2218
?
I don't have CanonicalizeHostName on, so what's doing the lookup?
2014 Dec 22
9
Dealing with roaming machines
...etimes
I leave the laptop at the office overnight, or hop over to the third
site for an hour or two.
I'd like to find a way to configure OpenSSH (or Linux in general) to
try the other networks if the machine cannot be found locally.
Unfortunately, DNS "search" in /etc/resolv.conf and
CanonicalizeHostname in ssh_config both don't work since they only
iterate the network DNS zones until a record is found, and my laptop
has an entry in all three zones.
Short of creating a single DNS entry and adding all possible IPs for
my laptop, I am wondering if there's a way to configure OpenSSH
(or Linu...
2015 Aug 26
5
Disabling host key checking on LAN
If I want to specify for LAN addresses that I don't want to deal with host
keys, how do I do that? Understanding the risks, knowing almost everyone
will say not to do this - it's a horrible idea, but deciding I want to do
it anyway. Tired of having to remove entries from known_hosts with the
multiple VM's I have that often change fingerprints, and am willing to live
with the risks.
2023 Jul 31
5
Call for testing: OpenSSH 9.4
...following keys do not. bz3580
* scp(1), sftp(1): adjust ftruncate() logic to handle servers that
reorder requests. Previously, if the server reordered requests then
the resultant file would be erroneously truncated.
* ssh(1): don't incorrectly disable hostname canonicalization when
CanonicalizeHostname=yes and ProxyJump was expicitly set to
"none". bz3567
* scp(1): when copying local->remote, check that the source file
exists before opening an SFTP connection to the server. Based on
GHPR#370
Portability
-----------
* All: a number of build fixes for various platforms a...
2023 Feb 27
1
Why does ssh-keyscan not use .ssh/config?
Hi ML members,
is there a reason, why ssh-keyscan does not use Host definitions from .ssh/config but does only relys on DNS host names? I have a quite long list of host names and a not that well maintained name server.
2023 Mar 01
1
Why does ssh-keyscan not use .ssh/config?
...ll maintained name server.
Mostly to keep ssh-keyscan simple. ssh_config contains a lot more
options than Host/Hostname that we'd need to implement if we supported
it in other tools including:
ProxyCommand/ProxyJump
Match (further complicated by Match supporting username, but ssh-keyscan not)
CanonicalizeHostname and Canonicalize*
BindInterface/BindAddress
There are other options too, and implementing them all would be quite
a bit of work.
I'd suggest writing a script or alias using `ssh -G` to resolve the hostname
and plumb it to ssh-keyscan. E.g.
mykeyscan() {
for x in "$@" ; do
ssh-k...
2014 Oct 06
3
[Bug 2286] New: Port ignored when re-reading config after canonicalization
...Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: pcl at pclewis.com
Created attachment 2482
--> https://bugzilla.mindrot.org/attachment.cgi?id=2482&action=edit
Patch to make ssh_connect_direct use port parameter.
To reproduce:
--
# ~/.ssh/config
CanonicalizeHostname yes
CanonicalDomains mynet.local
Host *.mynet.local
Port 99
--
$ ssh -vvv somedomain
...
debug1: Canonicalized hostname "somedomain" => "somedomain.mynet.local"
debug1: Hostname has changed; re-reading configuration
debug1: Reading configuration data /home/user/.ssh/config...
2015 Aug 27
3
Disabling host key checking on LAN
...led it. I am using a single word hostname.
> >
> > Is there any way for me to specify the private IP space I'm using, so I
> can
> > use single word hostnames in the command line, without having to list
> each
> > of them in ssh_config?
> >
> > Setting CanonicalizeHostname it looks like just uses the CanoncialDomains
> > suffixes and CanonicalizePermittedCNAMEs rules, which I don't think I can
> > set up to canonicalize to IP address.
> >
> > I realize I could make the options I want globally set, but I wanted
> them to
> > be de...
2018 Oct 19
0
Announce: OpenSSH 7.9 released
...closed when configured with a text key
revocation list that contains a too-short key. bz#2897
* ssh(1): treat connections with ProxyJump specified the same as
ones with a ProxyCommand set with regards to hostname
canonicalisation (i.e. don't try to canonicalise the hostname
unless CanonicalizeHostname is set to 'always'). bz#2896
* ssh(1): fix regression in OpenSSH 7.8 that could prevent public-
key authentication using certificates hosted in a ssh-agent(1)
or against sshd(8) from OpenSSH <7.8.
Portability
-----------
* All: support building against the openssl-1.1 API (re...
2023 Feb 27
3
[Bug 3544] New: Support CIDR notation for host pattern matching
https://bugzilla.mindrot.org/show_bug.cgi?id=3544
Bug ID: 3544
Summary: Support CIDR notation for host pattern matching
Product: Portable OpenSSH
Version: 9.1p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: Miscellaneous
Assignee:
2016 Feb 03
3
[Bug 2538] New: openssh v7 config parse regression
https://bugzilla.mindrot.org/show_bug.cgi?id=2538
Bug ID: 2538
Summary: openssh v7 config parse regression
Product: Portable OpenSSH
Version: 7.1p1
Hardware: Other
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
2023 Aug 10
1
Announce: OpenSSH 9.4 released
...following keys do not. bz3580
* scp(1), sftp(1): adjust ftruncate() logic to handle servers that
reorder requests. Previously, if the server reordered requests then
the resultant file would be erroneously truncated.
* ssh(1): don't incorrectly disable hostname canonicalization when
CanonicalizeHostname=yes and ProxyJump was expicitly set to
"none". bz3567
* scp(1): when copying local->remote, check that the source file
exists before opening an SFTP connection to the server. Based on
GHPR#370
Portability
-----------
* All: a number of build fixes for various platforms a...
2023 Dec 18
1
Announce: OpenSSH 9.6 released
...TTY is active.
* ssh(1): switch mainloop from poll(3) to ppoll(3) and mask signals
before checking flags set in signal handler. Avoids potential
race condition between signaling ssh to exit and polling. bz3531
* ssh(1): when connecting to a destination with both the
AddressFamily and CanonicalizeHostname directives in use,
the AddressFamily directive could be ignored. bz5326
* sftp(1): correct handling of the limits at openssh.com option when
the server returned an unexpected message.
* A number of fixes to the PuTTY and Dropbear regress/integration
tests.
* ssh(1): release GSS OIDs...