similar to: [Bug 1376] New: 'ssh-keygen -HF' hashes host,IP together

hi, the corner case of '-HF' hashes the whole hostline and not just the host xor IP address which means that usually it will hash "HOST,IP". This will never be matched if manually included into the known_host file. Patch against 4.7p1 attached. J. -- Jan Pechanec -------------- next part -------------- --- openssh-4.7p1/ssh-keygen.c Mon Feb 19 12:10:25 2007 +++

Scenario: I have access to a semi-public (about 30 users) server where I keep my webpage. Occasionally, especially if I'm on the road. I use this as a bounce point to get to "secured" systems which only allow ssh from certian IP's. (Ignoring the discussion on spoofing, since we have host keys) But host keys are the problem. If anyone gets root on this hypothetical

http://bugzilla.mindrot.org/show_bug.cgi?id=112 Summary: Using host key fingerprint instead of "yes" Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo: openssh-unix-dev at mindrot.org

Hi list, I use ssh a lot and I often need to connect to hosts whose host key has changed. If a host key of the remote host changes ssh terminates and the user has to manually delete the offending host key from known_hosts. I had to do this so many times that I no longer like the idea ;-) I would really like ssh to ask me if the new host key is OK and if I want to add it to known_hosts. I talked

http://bugzilla.mindrot.org/show_bug.cgi?id=780 Summary: ssh host-key hash should match ssh-add/ssh-keygen hash Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo: openssh-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=1545 Summary: ssh-keygen -R removes all comments from known_hosts file Product: Portable OpenSSH Version: 5.1p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh-keygen AssignedTo:

Hy, I have a network with WIFI communication and VHF/ HF channels. I have integrated asterisk in the network using SIP, ZAP and IAX2 channels for WIFI communications, but I don't Know How I could integrate the VHF/ HF channels. I have heard speaking about app_rpt project, but I don't Know very much about this. Could I integrate VHF/ HF channels with this application? if the answer is

https://bugzilla.mindrot.org/show_bug.cgi?id=3083 Bug ID: 3083 Summary: Passing tilde (HOME) in file option results in cryptic error Product: Portable OpenSSH Version: 8.1p1 Hardware: ix86 OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh-keygen

https://bugzilla.mindrot.org/show_bug.cgi?id=2591 Bug ID: 2591 Summary: ssh-keygen -R is case-sensitive, but should not be Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: minor Priority: P5 Component: ssh-keygen Assignee: unassigned-bugs

https://bugzilla.mindrot.org/show_bug.cgi?id=3600 Bug ID: 3600 Summary: please make ssh-keygen symlink aware for proper handling of hosts removal in symlinked known_hosts Product: Portable OpenSSH Version: 9.3p2 Hardware: amd64 OS: Linux Status: NEW Severity: enhancement

https://bugzilla.mindrot.org/show_bug.cgi?id=2241 Bug ID: 2241 Summary: ssh-keygen -R removes matching key as well as @cert-authority Product: Portable OpenSSH Version: 6.6p1 Hardware: amd64 OS: Mac OS X Status: NEW Severity: minor Priority: P5 Component: ssh-keygen

http://bugzilla.mindrot.org/show_bug.cgi?id=997 Summary: Correction to man page for ssh-keygen Product: Portable OpenSSH Version: 4.0p1 Platform: All OS/Version: All Status: NEW Severity: trivial Priority: P5 Component: Documentation AssignedTo: openssh-bugs at mindrot.org ReportedBy:

https://bugzilla.mindrot.org/show_bug.cgi?id=2145 Bug ID: 2145 Summary: ssh-keygen -R doesn't work when there are entries for "proxycommand" keys Product: Portable OpenSSH Version: 6.2p1 Hardware: Other OS: Linux Status: NEW Severity: trivial Priority: P5

https://bugzilla.mindrot.org/show_bug.cgi?id=2045 Priority: P5 Bug ID: 2045 Assignee: unassigned-bugs at mindrot.org Summary: point user to ssh-keygen -R to remove key from known_hosts Severity: enhancement Classification: Unclassified OS: All Reporter: thomas at koch.ro Hardware: All

Hi, I tripped over the effects of commit 660854 [0] when moving some infrastructure from Debian 7 to 8 (openssh 6.0 to 6.7); our ansible module used "return 0, but no output" for 'host not found in known_hosts file', and now complains that ssh-keygen is returning an error status. I don't think this change in API was announced in the release notes? i.e. ssh-keygen -F

Since ssh-keygen is not listing the _types_ of keys I have in my file, wouldn't it be a good idea to make the -t switch filtering out the selected type of key when doing a listing with -l? i.e. in this case I see both rsa1, rsa, and dss keys: $ ssh-keygen -l -f ~/.ssh/known_hosts 1024 a9:4f:0b:b6:33:d7:d0:ad:6a:11:b4:57:25:7e:1e:f8 fluff.x42.com 1024

I have confirmed this behavior from OpenSSH 6.6 in OS X (from MacPorts) and 6.6 in Ubuntu. I have set up a SSH Certificate authority, and as such I put in the following line at the top of my known_hosts file @cert-authority *.mydomain.com ssh-rsa <public key> Below this are all my hashed entries for various other hosts that I?ve contacted over the years. Every once in a while I?ll

http://bugzilla.mindrot.org/show_bug.cgi?id=1372 Summary: sshd(8) and ssh-keygen(1) refer to non-existent moduli(5) Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Documentation AssignedTo: bitbucket at

https://bugzilla.mindrot.org/show_bug.cgi?id=1477 Summary: ssh-keygen not reading stdin as expected Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: ix86 OS/Version: OpenBSD Status: NEW Severity: normal Priority: P2 Component: ssh-keygen AssignedTo:

OpenSSH 4.9 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches,