search for: hostkeyalia

Displaying 20 results from an estimated 83 matches for "hostkeyalia".

Did you mean: hostkeyalias
2005 May 12
6
[Bug 1039] Incomplete application of HostKeyAlias in ssh
http://bugzilla.mindrot.org/show_bug.cgi?id=1039 Summary: Incomplete application of HostKeyAlias in ssh Product: Portable OpenSSH Version: 4.0p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org ReportedBy: cdmclain at ll.mi...
2013 Apr 17
1
[Bug 1039] Incomplete application of HostKeyAlias in ssh
...------------------------------------------------ CC| |imorgan at nas.nasa.gov --- Comment #13 from Iain Morgan <imorgan at nas.nasa.gov> --- My apologies for re-opening a long-closed bug, but this feature seems like a bad idea. The description of HostKeyAlias in ssh_config(5) only refers to using the alias for the purpose of looking up or storing keys. Thus, having it also affect the password prompt is quite unexpected. While the current behaviour addresses one issue, it creates others: In our environment, we use a proxy command to implement load-bala...
2017 Jun 12
7
[Bug 2728] New: HostKeyAlias not respected for certificate authority host key validation
https://bugzilla.mindrot.org/show_bug.cgi?id=2728 Bug ID: 2728 Summary: HostKeyAlias not respected for certificate authority host key validation Product: Portable OpenSSH Version: 7.5p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: ssh...
2015 Feb 19
2
Proposal: Allow HostKeyAlias to be used in hostname check against certificate principal.
...inst a user-specified name that differs from that address seems a legitimate request -- one may also have a situation where name resolution is not available, for instance, and wish to connect to a system whose name is known by IP without the situation posited above. I'd like to propose that if HostKeyAlias is set, this be used as a second name against which a certificate may be considered valid, should it match. A trivial patch implementing this behavior is attached.
2015 Feb 23
6
[Bug 2359] New: [PATCH] Allow HostKeyAlias to be used in hostname check against certificate principal
https://bugzilla.mindrot.org/show_bug.cgi?id=2359 Bug ID: 2359 Summary: [PATCH] Allow HostKeyAlias to be used in hostname check against certificate principal Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh...
2005 Jun 17
0
[Bug 1039] Incomplete application of HostKeyAlias in ssh
http://bugzilla.mindrot.org/show_bug.cgi?id=1039 ------- Additional Comments From djm at mindrot.org 2005-06-17 13:54 ------- I don't understand: you know the alias hostname, because it is there on the commandline, so the prompt is providing you more, real information. Can you give me a real-life scenario where showing the alias hostname would be important? ------- You are receiving
2005 Nov 24
0
[Bug 1039] Incomplete application of HostKeyAlias in ssh
http://bugzilla.mindrot.org/show_bug.cgi?id=1039 ------- Comment #8 from dtucker at zip.com.au 2005-11-24 19:47 ------- (In reply to comment #7) > I don't understand: you know the alias hostname, because it is there on the > commandline, so the prompt is providing you more, real information. > > Can you give me a real-life scenario where showing the alias hostname would be
2010 Mar 25
0
[Bug 1039] Incomplete application of HostKeyAlias in ssh
https://bugzilla.mindrot.org/show_bug.cgi?id=1039 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #12 from Darren Tucker <dtucker at zip.com.au> 2010-03-26 10:51:05 EST --- With the
2004 Sep 10
11
[Bug 910] known_hosts port numbers
http://bugzilla.mindrot.org/show_bug.cgi?id=910 mindrot at askneil.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mindrot at askneil.com ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the
2002 Sep 10
8
[Bug 393] 'known_hosts' file should be indexed by IP:PORT, not just IP
...Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From markus at openbsd.org 2002-09-11 06:18 ------- i don't think this will happen any time soon. what does ip:port mean for hostbased authentication? why does HostKeyAlias not help? why should i have 10 entries for the hostkey if i run sshd on 10 different ports on the same machine? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
2020 Mar 24
2
[Feature Request] Add (and check against) IP to known_hosts even when domain is used to connect
...the right way since I had enabled the daily digest and I'm not sure if it's the right way to use Thunderbirds "Reply List" feature on this digest. If it's wrong this way I apologize. I turned of the daily digest so my next messages should be correct. > Are you aware of HostKeyAlias? Yes I read that but as far as I understand the feature is more like aliasing commands in linux (so i.e if I have a server which I use as webserver I could create the alias "webserver", configure the hostname, port etc. and then just use the alias "webserver" instead of typi...
2005 Dec 10
2
known_hosts and multiple hosts through a NAT router
The .ssh/known_hosts table cannot handle reaching different sshd servers behind a NAT router. The machines are selected by having the SSHDs respond to differnt ports. A second request would be to allow known_hosts checking solely on the dns name, wildcarding the IP address. This would be useful to avoid continuously warning the user every time you connect to a machine with a changing IP address
2004 Sep 08
0
[PATCH]Extending user@host syntax
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, the following patch extends the user at host syntax on the ssh command line to allow an additional HostKeyAlias and Port to be given as a single argument, eg: ssh user at localhost%8022,www.tdl.com is equivalent to ssh -o 'HostKeyAlias www.tdl.com' -p 8022 user at localhost The patch is particularly useful when ssh is called from other programs or scripts and the ssh connection is to be est...
2023 Aug 18
1
Host key verification (known_hosts) with ProxyJump/ProxyCommand
On Fri, 18 Aug 2023 at 17:18, Stuart Longland VK4MSL <me at vk4msl.com> wrote: > On 18/8/23 15:39, Darren Tucker wrote: [...] > > I think you just need "HostKeyAlias mytarget" here. > > Ahh, in my scanning through the `ssh_config` manpage, I missed this, and > change logs seem to indicate this feature has been around since at least > 2017, so should not cause compatibility issues with the other users. The OpenSSH Release Notes page is a good...
2002 Feb 01
4
OpenSSH Key Storage
I have had a brief discussion with Damien Miller (below) about storing host port values in the known_hosts file so as to track multiple ssh sessions (with independant keys) that run on a single host but accept connections on different ports. If it were possible to state that a given key for a remote host belonged to that host's ssh session on port 23 and that another key belonged to that
2001 Aug 28
2
[patch] known hosts with ports
Hello. We are currently installing a new firewall, and would like to use a mixture of NAT and port mapping to have a single "gateway" host address which exposes a range of open ports, each of which maps to sshd of a different host in our internal network (e.g. ssh.jesus.cam.ac.uk on port 6789 maps to internal host1 port 22 whereas ssh.jesus.cam.ac.uk on port 6790 maps to internal
2002 Oct 16
3
ssh-3.5p1 core dumps on Solaris 2.6
...form/SUNW,Ultra-30/lib/libc_psr.so.1...done. Reading symbols from /usr/lib/nss_files.so.1...done. #0 0xef4a5400 in strlen () (gdb) where #0 0xef4a5400 in strlen () #1 0xef4dc7e4 in _doprnt () #2 0xef4e5c88 in vsnprintf () #3 0x42bfc in do_log (level=SYSLOG_LEVEL_DEBUG1, fmt=0xb9e28 "using hostkeyalias: %s", args=0xefffe510) at log.c:385 #4 0x42574 in debug (fmt=0xb9e28 "using hostkeyalias: %s") at log.c:159 #5 0x20c04 in check_host_key (host=0x5a "", hostaddr=0xf3560, host_key=0xffaa8, readonly=0, user_hostfile=0x81 "", system_hostfile=0x69 " -v...
2002 Jan 25
4
[Bug 80] Host key conflict with two servers on one IP
...|Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WORKSFORME ------- Additional Comments From djm at mindrot.org 2002-01-26 09:59 ------- You can use the HostKeyAlias option in ~/.ssh/config or /etc/ssh_config to "rename" hosts to avoid these collisions. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
2002 Aug 21
3
[Bug 80] Host key conflict with two servers on one IP
http://bugzilla.mindrot.org/show_bug.cgi?id=80 ------- Additional Comments From eric-ossh at brouhaha.com 2002-08-22 04:57 ------- This "HostKeyAlias" business seems like a flimsy excuse for not implmeenting a feature that users want. In this age of ubiquitous firewalls and NAT, it is NOT reasonable to assume that two ports on the same IP address refer to the same host, or to the same SSH server. Even if you run two SSH daemons on one ho...
2020 Jun 01
1
[Bug 3176] New: can't figure out how to test StrictHostKeyChecking accept-new
...rictHostKeyChecking accept-new" option but when I tried to check that it works correctly, I got confused. How do I pretend that the host key has changed? I thought it would be enough to change the corresponding key in .ssh/known_hosts, but this just causes a new entry to be added with the same HostKeyAlias: # first I deleted the key from .ssh/known_hosts $ grep TH1LmIM .ssh/known_hosts [1]$ ssh -F /dev/null -o "StrictHostKeyChecking accept-new" -o HostKeyAlias=foo ofb.net echo hi Warning: Permanently added 'foo,104.197.242.163' (ECDSA) to the list of known hosts...