Displaying 20 results from an estimated 747 matches for "known_host".
Did you mean:
known_hosts
2017 Jan 28
3
known_hosts question for Ubuntu Server 14.04 and 16.04 LTS
Hello & thanks for reading.
I'm having a problem configuring known_hosts from scripts so an accept
key yes/no prompt doesn't appear.
I'm using this command to detect if the server is known and add it to
known_hosts:
if ! ssh-keygen -F ${IP_ADDR} -f ~/.ssh/known_hosts > /dev/null 2>&1; t
hen ssh-keyscan -p ${PORT} ${IP_ADDR} >> ~/.ssh/known_hos...
2014 Oct 06
2
[Bug 2285] New: Say NOT updated instead of updated
...OS: Linux
Status: NEW
Severity: trivial
Priority: P5
Component: ssh-keygen
Assignee: unassigned-bugs at mindrot.org
Reporter: jidanni at jidanni.org
We observe that aside from the first run below,
the message "/home/jidanni/.ssh/known_hosts updated." is incorrect.
Using diff(1) we show that the contents remain the same.
Therefore in the latter cases, saying
"/home/jidanni/.ssh/known_hosts NOT updated."
would be better. Nor is there any reason to write a backup.
$ ssh-keygen -f "/home/jidanni/.ssh/known_hosts"...
2020 Oct 04
3
UpdateHostkeys now enabled by default
...20, Damien Miller wrote:
> > >
> > > > No - I think you've stumbled on a corner case I hadn't anticipated.
> > > > Does your configuration override CheckHostIP at all?
> >
> > No.
> >
> > > >
> > > > What are the known_hosts entries for the hostname and IP?
> > >
> > > Also, do you use HashKnownHosts? or do you have any hashed host lines
> > > in known_hosts?
> >
> > Yes I use HashKnownHosts yes
>
> Thanks - I think that was the missing piece of the puzzle. Can you
>...
2019 Oct 20
5
[Bug 3083] New: Passing tilde (HOME) in file option results in cryptic error
...: NEW
Severity: enhancement
Priority: P5
Component: ssh-keygen
Assignee: unassigned-bugs at mindrot.org
Reporter: s.egbert at sbcglobal.net
The command in question discovered in earlier 7.9p1 and also in latest
8.1p1:
ssh-keygen -f "~/.ssh/known_hosts" -R "johndoe"
Expected output:
known_hosts: No such file or directory
The actual result output is:
mkstemp: No such file or directory
`strace -f` shows:
openat(AT_FDCWD, "~/.ssh/known_hosts.TgA5TDcI46",
O_RDWR|O_CREAT|O_EXCL, 0600) = -1 ENOENT (No such fi...
2008 Oct 29
0
ssh disregarding umask for creation of known_hosts (and other files?)
Hey folks--
When ssh creates a known_hosts file for a user, it disregards the
currently-set umask, and can actually turn on mode bits that the user
has explicitly masked. While i'm happy to have ssh make files *more*
secure than my umask (in situations where that's reasonable, like the
creation of new ssh keys, etc), i'm not s...
2023 Oct 10
17
[Bug 3627] New: openssh 9.4p1 does not see RSA keys in know_hosts file.
...leges, immediate termination of employment,
and/or
prosecution to the fullest extent of the law.
Last login: Mon Oct 9 11:00:11 2023 from 10.10.10.62
#]0;user at wrkstn42: ~#user at wrkstn42:~$ exit
logout
Connection to 10.106.101.142 closed.
< user_lamborghini ~/.ssh: >
Now I have TWO known_hosts files. known_hosts and known_hosts.old.
< user_lamborghini ~/.ssh: > ls -l
total 10
-rw-r--r-- 1 user user 221 Mar 18 2012 authorized_keys
-rw-r--r-- 1 user user 26 Aug 30 10:12 config
-rw-r--r-- 1 user user 302 Sep 7 10:57 env
-rw------- 1 user user 792 Oct 9 1...
2013 Nov 11
4
[Bug 2169] New: command to remove outdated hostkey from known_hosts file wrong
https://bugzilla.mindrot.org/show_bug.cgi?id=2169
Bug ID: 2169
Summary: command to remove outdated hostkey from known_hosts
file wrong
Product: Portable OpenSSH
Version: 6.2p1
Hardware: Other
OS: Linux
Status: NEW
Severity: minor
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org...
2009 Sep 26
0
[Bug 1654] New: ~/.ssh/known_hosts.d/*
https://bugzilla.mindrot.org/show_bug.cgi?id=1654
Summary: ~/.ssh/known_hosts.d/*
Product: Portable OpenSSH
Version: 5.1p1
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: josh at f...
2024 Feb 14
2
How to remove old entries from known_hosts?
Is there any way to remove old entries from the known_hosts file? With
the hashed 'names' one can't easily see which entries are which. I
have around 150 lines in my known hosts but in reality I only ssh to a
dozen or so systems. All the redundant ones are because I have a
mixed population of Raspberry Pis and such on my LAN and they get
rebu...
2005 May 18
3
known_hosts vulnerability?
Hey all,
I came across a security news article, referenced by
http://www.linux.org/news, at
http://www.techworld.com/security/news/index.cfm?NewsID=3668
talking about an SSH weakness involving the known_hosts file. I
apologize if this issue has already been addressed, but the mailing list
archives didn't turn up anything when i tried searching for something
relevant. So; not to knee-jerk or anything, but is anyone currently
looking into this? Does this need to be addressed, or has it already
been t...
2010 Aug 20
1
[Feature Request] delete defined line in known_hosts file
Hi,
for a test lab, I'm trying to write a small shell script that will
eradicate all information regarding a special host from the
known_hosts file. Unfortunately, it is quite non-trivial to find out
what ssh doesn't like with a host.
ssh says which line in known_hosts has the offending key, but
ssh-keygen -R doesn't take a line number. Am I using an undocumented
interface when I simply use sed to delete the appopriate line?
If...
2003 Dec 18
2
known_hosts, IP, and port revisited
...e, for those of you who don't feel like following the bug
URL, is that when one has ssh servers behind a NAT, each of which responds
to a different port on the NAT IP, they must all have the same host key to
avoid the ssh man-in-the-middle warning about a changed host key. In short,
because the known_hosts file is indexed only by name/IP and not port, there
is no way to distinguish between servers by port.
The discussion in 2002, which led to the bug being closed without a fix,
involved how different keys for the same name/IP would affect hostbased
authentication.
It's been over a year now, an...
2009 Sep 07
6
Question about Server Authentication
Hi guys,
I'm working on a project which concern SSH and there is something i don't understand about server authentication. So I explain my problem:
- When you authorize only RSA keys in the sshd_config on the server, you need to have the RSA public key of this server in the known_hosts file of the client. This is absolutely normal.
- When you authorize only DSA keys in the sshd_config on the server, you need to have the DSA public key of this server in the known_hosts file of the client. This is also absolutely normal.
- But when you authorize both RSA and DSA keys, you are ob...
2020 Oct 04
2
UpdateHostkeys now enabled by default
On Sun, 4 Oct 2020, Matthieu Herrb wrote:
> Hi,
>
> on OpenBSD-current I now get this when connecting to an existing
> machine for which I have both ecdsa an ed25519 keys in my existing
> known_hosts (but apparently ed25519 keys where added only for the name
> previsously by ssh):
>
> Warning: the ED25519 host key for 'freedom' differs from the key for
> the IP address '2a03:7220:8081:6101:6552:9ca8:512b:9251'
> Offending key for IP in /home/matthieu/.ssh/known_...
2016 Dec 09
2
HashKnownHosts vs @cert-authority
Hi folks,
maybe I am too blind to see, but would it be possible to
avoid extra entries in known_hosts, if the remote host
has a signed public key matching a @cert-authority line?
Something like
Host *
HashKnownHosts unsigned
This could help to keep the known_hosts file small and
yet get all the unsigned public keys in.
Just a suggestion, of course. Regards
Harri
2005 Dec 10
2
known_hosts and multiple hosts through a NAT router
The .ssh/known_hosts table cannot handle reaching different sshd
servers behind a NAT router. The machines are selected by having
the SSHDs respond to differnt ports.
A second request would be to allow known_hosts checking solely on
the dns name, wildcarding the IP address. This would be useful
to avoid continuously...
2024 Feb 17
1
How to remove old entries from known_hosts?
Brian Candler wrote:
> Chris Green wrote:
> > ... redundant ones are because I have a mixed population of
> > Raspberry Pis and such on my LAN and they get rebuilt fairly
> > frequently and thus, each time, get a new entry in known_hosts.
> ...many useful tips...
> To disable host key checking altogether for certain domains and/or networks,
> you can put this in ~/.ssh/config:
>
> host *.lab.example.com 10.11.*
> StrictHostKeyChecking no
> UserKnownHostsFile /dev/null
> ...many useful tips...
Additiona...
2020 Feb 06
2
Call for testing: OpenSSH 8.2
On Wed, 5 Feb 2020, Phil Pennock wrote:
> On 2020-02-06 at 10:29 +1100, Damien Miller wrote:
> > * sshd(8): allow the UpdateHostKeys feature to function when
> > multiple known_hosts files are in use. When updating host keys,
> > ssh will now search subsequent known_hosts files, but will add
> > updated host keys to the first specified file only. bz2738
>
> In testing this, when the impact is to _remove_ a known_hosts entry then
> all the existing e...
2000 Mar 18
2
Keysize mismatch error on host key
...ng. I'm thinking this could be some byte swapping
issue because this box is running Solaris 2.6. This Solaris box is using
the EGD script for its random stuff, if that makes a difference. Anyone
have any ideas on where to start looking ? I'm willing to chase it
down.
I tried modifing the known_hosts file as the warning suggests to no
avail.
Heres the output of what I'm seeing:
The authenticity of host 'xxx.somewhere.net' can't be
established.
Key fingerprint is 1024
28:b0:37:af:d4:ec:09:1f:fb:4f:5e:47:e8:fb:b1:c8.
Are you sure you want to continue connecting (yes/no)? ye...
2020 Jul 17
0
[Bug 1654] ~/.ssh/known_hosts.d/*
...serKnownHostsFile and
the '%k' TOKEN for the HostKeyAlias. This combination should be an
effective way to implement this in the config file should you want it.
(In reply to Josh Triplett from comment #2)
> Right. For the initial pass, ssh would still always write new keys
> to .ssh/known_hosts, and only *read* from known_hosts.d; the user
> would manually split entries out into files in that directory. Any
> change to automatically write out split files could come later.
Since UserKnownHostsFile takes multiple args but only writes to the
first, you can now implement those semant...