Displaying 20 results from an estimated 462 matches for "hostkey".
2012 Dec 27
3
[PATCH] hostfile: list known names (if any) for new hostkeys
When connecting to a host for which there's no known hostkey, check if the
relevant key has been accepted for other hostnames. This is useful when
connecting to a host with a dymamic IP address or multiple names.
---
auth.c | 4 ++--
hostfile.c | 42 ++++++++++++++++++++++++++++--------------
hostfile.h | 8 ++++++--
sshconnect.c | 39 +++++...
2015 Feb 20
3
SUCCESS: OpenSSH_6.7p1-snap20150220
Compiled OK, and operating nicely on CentOS 6.6, both 32/64 bit.
Really appreciate the UpdateHostkeys feature!
One issue I noticed, the screen output gets garbled if the user has been "asked" to "Accept" the new hostkeys.
Looks like the screen output is missing the CR's, and only LF's get presented.
[root at be2 .ssh]# ssh be1 ls -l
Warning: Permanently added 'be1,...
2023 Jun 30
0
[centos/centos.org] branch main updated: Adding new hostkey.com sponsor
This is an automated email from the git hooks/post-receive script.
arrfab pushed a commit to branch main
in repository centos/centos.org.
The following commit(s) were added to refs/heads/main by this push:
new 860d2c9 Adding new hostkey.com sponsor
860d2c9 is described below
commit 860d2c965949164c393d15685d1c49c3d3b8d637
Author: Fabian Arrotin <arrfab at centos.org>
AuthorDate: Fri Jun 30 15:04:44 2023 +0200
Adding new hostkey.com sponsor
Signed-off-by: Fabian Arrotin <arrfab at centos.org>
---
_sponso...
2019 Oct 21
2
Multiple Signatures on SSH-Hostkeys
Hello, OpenSSH-wizards.
In our company, we have looked into SSH-HostKey-signing in order to
realize automated access without the need to accept the server's
hostkey, manually.
I got it to work with the HostCertificate-directive inside the
sshd_config.
Now, I was wondering whether it is possible to have multiple
signatures, so I can, for example, sign the ho...
2002 Jan 31
7
x509 for hostkeys.
This (very quick) patch allows you to connect with the commercial
ssh.com windows client and use x509 certs for hostkeys. You have
to import your CA cert (ca.crt) in the windows client and certify
your hostkey:
$ cat << 'EOF' > x509v3.cnf
CERTPATHLEN = 1
CERTUSAGE = digitalSignature,keyCertSign
CERTIP = 0.0.0.0
[x509v3_CA]
basicConstraints=critical,CA:tru...
2020 Apr 26
5
[Bug 3155] New: openssh support hostkey encrypt
https://bugzilla.mindrot.org/show_bug.cgi?id=3155
Bug ID: 3155
Summary: openssh support hostkey encrypt
Product: Portable OpenSSH
Version: 8.2p1
Hardware: ARM64
OS: Linux
Status: NEW
Severity: security
Priority: P5
Component: ssh-keygen
Assignee: unassigned-bugs at mindrot.org
Reporter...
2007 Jan 30
3
[Bug 1279] Address- and/or port-specific HostKeys support
http://bugzilla.mindrot.org/show_bug.cgi?id=1279
Summary: Address- and/or port-specific HostKeys support
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy: mi+mind...
2002 Jun 05
1
Per-port hostkeys
My apologies if this has been covered already. My search of the archives
was unfruitful.
OpenSSH seems to be lacking a certain capability present in ssh.com's
client; namely, the ability to store remote hostkeys on a per-port basis.
I have various machines that, due to iptables port-forwarding, appear to
be running copies of (open)sshd on multiple ports. "Commercial" ssh
stores hostkeys in files named "key_<port>_host.pub"; this is useful,
because it allows for recording the ke...
2001 Oct 24
3
Inconsistent server/client configuration
It appears somewhat inconsistent to me that parameter HostKey is configurable
on the server side but fixed on the client side.
On the client, always _PATH_HOST_KEY_FILE, _PATH_HOST_DSA_KEY_FILE,
_PATH_HOST_RSA_KEY_FILE are used (in this order), whereas on the server,
the paths can be specified by up to three HostKey options as arbitrary names
in arbitrary seq...
2008 Jun 27
1
HostKey check for remote hosts via local ports
Another issue for which there might be some tricks that I don't know of:
I have a set of ports on my local machine forwarded (via ssh LocalForward) to machines that I can't directly reach on the localhost. However, as I connect to those machines I get HostKey warnings since it looks for the HostKey of the 'localhost' and depending on the port, it is of course different.
Is there a way around this? Could the host key be associated to another name like:
Host amsterdam
Hostname = localhost
Port = 40022
KeyHostname = amsterdam
Host paris...
2015 Dec 23
2
Why hostkeys-00@openssh.com is following user authentication?
Hello,
This hostkeys extension is great, reading[1]:
"""
OpenSSH supports a protocol extension allowing a server to inform a
client of all its protocol v.2 host keys after user-authentication has
completed.
"""
I wonder, why should user authentication be completed before this
functionali...
2002 Jan 07
1
Non-root hostname auth problem
...over, passed a different list keyboard-interactive,hostbased
debug3: preferred hostbased,password
debug3: authmethod_lookup hostbased
debug3: remaining preferred: password
debug3: authmethod_is_enabled hostbased
debug1: next auth method to try is hostbased
debug1: userauth_hostbased: no more client hostkeys
debug2: we did not send a packet, disable method
debug1: no more auth methods to try
Permission denied (keyboard-interactive,hostbased).
******************
****sshd_config on server****
Port 1024 # for testing without annoying the users
#Port 22
Protocol 2
#ListenAddress 0.0.0.0
#ListenAddress :...
2002 Feb 12
3
Problem with ssh-keyscan: no hostkey alg
Hi,
I am using ssh-keyscan with a list of hosts, such as:
ssh-keyscan -t rsa -f hosts_for_keyscan
Some of the hosts in the list have dsa, but no rsa keys. For such
hosts, the command displays:
no hostkey alg
When this is the case for 2 hosts, this message appears twice AND
SSH-KEYSCAN STOPS QUERYING, which means that no keys at all are
returned for the following hosts.
Here is the part of the trace corresponding to the problem. In this
example hosts 157.159.100.120 and 157.159.100.122 have dsa bu...
2016 Aug 03
2
Configure option '--with-ssh1' breaks openssh-7.3p1
...with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# The default requires explicit activation of protocol 1
#Protocol 2
# HostKey for protocol version 1
#HostKey /usr/local/etc/ssh_host_key
# HostKeys for protocol version 2
#HostKey /usr/local/etc/ssh_host_rsa_key
#HostKey /usr/local/etc/ssh_host_dsa_key
#HostKey /usr/local/etc/ssh_host_ecdsa_key
#HostKey /usr/local/etc/ssh_host_ed25519_key
HostKey /etc/ssh/ssh_host_rsa_key
H...
2013 Jun 25
1
RFC: encrypted hostkeys patch
Hi,
About a year and a half ago I brought up the topic of encrypted hostkeys
and posted a patch
(http://marc.info/?l=openssh-unix-dev&m=132774431906364&w=2), and while the
general reaction seemed receptive to the idea, a few problems were pointed
out with the implementation (UI issues, ssh-keysign breakage).
I've finally had some spare time in which to get bac...
2016 Oct 26
2
[Bug 2631] New: Hostkey update and rotation - No IP entries added to known_hosts
https://bugzilla.mindrot.org/show_bug.cgi?id=2631
Bug ID: 2631
Summary: Hostkey update and rotation - No IP entries added to
known_hosts
Product: Portable OpenSSH
Version: 7.3p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh...
2002 Apr 15
0
[Bug 216] New: ssh-keygen vs. SSH Version 2.0.13 hostkeys
http://bugzilla.mindrot.org/show_bug.cgi?id=216
Summary: ssh-keygen vs. SSH Version 2.0.13 hostkeys
Product: Portable OpenSSH
Version: 3.1p1
Platform: UltraSparc
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: ssh-keygen
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy:...
2013 Jul 25
2
[Bug 2131] New: ssh: list known names (if any) for new hostkeys
https://bugzilla.mindrot.org/show_bug.cgi?id=2131
Bug ID: 2131
Summary: ssh: list known names (if any) for new hostkeys
Product: Portable OpenSSH
Version: 6.2p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: os at ohmu.fi...
2013 Jan 16
2
HostKey Management
Hi,
As far as I can tell, when working in an environment with many servers,
there seem to be several ways for your client to authenticate the
HostKeys of each:
1) Set StrictHostKeyChecking=no, and hope you don't get MITM'd the first
time you connect to a server.
2) Use SSHFP records (which generally requires you to have DNSSEC fully
deployed to be meaningful compared to #1, I think?)
3) Build a massive /etc/ssh/ssh_known_hosts file wi...
2011 Sep 20
5
Different HostKeys for different hostnames or IPs in the same sshd?..
...it will be changed to
"service-dr.example.net".
How do we configure things so that the users and the automated scripts aren't
"freaked-out" by the key of "service.example.net" suddenly changing, when the
DNS is changed? Other than both machines using the same hostkey, of course...
Can sshd use a different key depending on which name it is contacted under --
that is, does the ssh-protocol have anything like HTTP's Host:-header? If not,
can sshd offer a different key depending on the IP-address, that the incoming
connection uses?
Thanks for any ideas. Yo...