Displaying 20 results from an estimated 4000 matches similar to: "[Bug 1194] .host is known, .00host isn't ... or is it?"
2007 May 17
0
[Bug 1194] .host is known, .00host isn't ... or is it?
http://bugzilla.mindrot.org/show_bug.cgi?id=1194
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
CC|
2001 Aug 28
2
[patch] known hosts with ports
Hello. We are currently installing a new firewall, and would like to use a
mixture of NAT and port mapping to have a single "gateway" host address
which exposes a range of open ports, each of which maps to sshd of a
different host in our internal network (e.g. ssh.jesus.cam.ac.uk on port
6789 maps to internal host1 port 22 whereas ssh.jesus.cam.ac.uk on port 6790
maps to internal
2008 Apr 03
0
[Bug 1194] .host is known, .00host isn't ... or is it?
https://bugzilla.mindrot.org/show_bug.cgi?id=1194
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #3 from Damien Miller <djm at mindrot.org>
2005 Dec 10
2
known_hosts and multiple hosts through a NAT router
The .ssh/known_hosts table cannot handle reaching different sshd
servers behind a NAT router. The machines are selected by having
the SSHDs respond to differnt ports.
A second request would be to allow known_hosts checking solely on
the dns name, wildcarding the IP address. This would be useful
to avoid continuously warning the user every time you connect
to a machine with a changing IP address
2020 Mar 24
2
[Feature Request] Add (and check against) IP to known_hosts even when domain is used to connect
Hello Bob and thank you for your reply,
first of all I hope that I'm answering in the right way since I had
enabled the daily digest and I'm not sure if it's the right way to use
Thunderbirds "Reply List" feature on this digest. If it's wrong this way
I apologize. I turned of the daily digest so my next messages should be
correct.
> Are you aware of HostKeyAlias?
2020 Oct 30
3
[Bug 3226] New: Feature request: Prempt fingerprint prompt when connecting to new server
https://bugzilla.mindrot.org/show_bug.cgi?id=3226
Bug ID: 3226
Summary: Feature request: Prempt fingerprint prompt when
connecting to new server
Product: Portable OpenSSH
Version: 8.4p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component:
2002 Feb 01
4
OpenSSH Key Storage
I have had a brief discussion with Damien Miller (below) about storing
host port values in the known_hosts file so as to track multiple ssh
sessions (with independant keys) that run on a single host but accept
connections on different ports. If it were possible to state that a
given key for a remote host belonged to that host's ssh session on port
23 and that another key belonged to that
2002 Aug 21
3
[Bug 80] Host key conflict with two servers on one IP
http://bugzilla.mindrot.org/show_bug.cgi?id=80
------- Additional Comments From eric-ossh at brouhaha.com 2002-08-22 04:57 -------
This "HostKeyAlias" business seems like a flimsy excuse for not implmeenting a
feature that users want. In this age of ubiquitous firewalls and NAT, it is NOT
reasonable to assume that two ports on the same IP address refer to the same
host, or to the
2005 Aug 02
2
port forwarding trouble
Hi all,
When I set up multiple tunnels from remote hosts to ports on
localhost, I get the following error when I try to use them:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
(even though the keys haven't
2002 Apr 10
2
I need to be able to turn off host checking entirely
I have a small LAN. The entire system is within my view - all the
hosts, the switch and the wire. If someone is in a a position to do a
"man in the middle" attack, there's no need - they already have me.
Over the other side of the room, and beside my desk, I have test
systems. I use disk caddies (see www.vipower.com for examples) and can
switch operating systems in about the
2004 Sep 10
11
[Bug 910] known_hosts port numbers
http://bugzilla.mindrot.org/show_bug.cgi?id=910
mindrot at askneil.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mindrot at askneil.com
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the
2003 Jul 06
4
Known hosts and dynamic IP addresses
Hi,
it becomes more and more common to have machines with
dynamically assigned IP addresses online (e.g. DSL), which
can be found through dynamic DNS entries.
Unfortunately, the "Known Hosts" mechanism doesn't work for
these machines: Since the entry is made for the IP address,
there's a new entry every time the address changes.
Therefore, an option should be invented
2015 Feb 22
3
PKI host based principal
Hello,
Maybe I did not understand correctly the PKI trust, so forgive me if I am wrong.
For example, I have multiple hosts that all serves as monitoring
server, I would like to trust only these hosts, so I enrol a
certificate for these using "monitoring" principal, so I can connect
only to these.
At first I thought we can do Match statement at ssh_config, however,
the Match is being
2002 Sep 10
8
[Bug 393] 'known_hosts' file should be indexed by IP:PORT, not just IP
http://bugzilla.mindrot.org/show_bug.cgi?id=393
markus at openbsd.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
------- Additional Comments From markus at openbsd.org 2002-09-11
2023 Aug 18
1
Host key verification (known_hosts) with ProxyJump/ProxyCommand
Hi all,
I noticed a bit of an odd issue with maintaining `known_hosts` when the
target machine is behind a bastion using `ProxyJump` or `ProxyCommand`
with host key clashes.
Client for me right now is OpenSSH_9.3p1 on Gentoo Linux/AMD64. I'm a
member of a team, and most of us use Ubuntu (yes, I'm a rebel). Another
team who actually maintain this fleet often access the same machines
2005 May 12
6
[Bug 1039] Incomplete application of HostKeyAlias in ssh
http://bugzilla.mindrot.org/show_bug.cgi?id=1039
Summary: Incomplete application of HostKeyAlias in ssh
Product: Portable OpenSSH
Version: 4.0p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: bitbucket at mindrot.org
ReportedBy: cdmclain
2020 May 30
0
[Bug 1602] ssh: doesn't handle IPv6 addresses with brackets
https://bugzilla.mindrot.org/show_bug.cgi?id=1602
--- Comment #8 from Marc Herbert <marc.herbert+mindrot at gmail.com> ---
Fun fact: ssh _does_ produce brackets for IPv6 addresses in
.ssh/known_hosts:
[review.openstack.org]:29418,[104.130.246.32]:29418 ssh-rsa
AAAAB3NzaC1yc2...
[review.openstack.org]:29418,[2001:4800:7819:103:be76:4eff:fe04:9229]:29418
ssh-rsa AAAAB3Nza...
But it
2018 Apr 24
2
AIX make checks issue
On 23/04/2018 11:49, Michael Felt wrote:
> On 21/04/2018 16:21, Michael Felt wrote:
>
>
> Question: I have not dug into the tests yet. Will copy to a "local"
> directory, and not build out of tree and see if that fixes it (as it
> does for many other packages). However, just in case it does not - how
> can I fast-forward the tests to the "agent" tests?
2006 May 06
1
[Bug 910] known_hosts port numbers
http://bugzilla.mindrot.org/show_bug.cgi?id=910
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #954 is|0 |1
obsolete| |
Attachment #1052 is|0 |1
obsolete|
2023 Aug 18
1
Host key verification (known_hosts) with ProxyJump/ProxyCommand
On Fri, 18 Aug 2023 at 17:18, Stuart Longland VK4MSL <me at vk4msl.com> wrote:
> On 18/8/23 15:39, Darren Tucker wrote:
[...]
> > I think you just need "HostKeyAlias mytarget" here.
>
> Ahh, in my scanning through the `ssh_config` manpage, I missed this, and
> change logs seem to indicate this feature has been around since at least
> 2017, so should not cause