similar to: [Bug 1426] New: ssh key verification hint (on remote side)

http://bugzilla.mindrot.org/show_bug.cgi?id=523 Summary: ssh saves only host/ip information in known_hosts while port information is missing Product: Portable OpenSSH Version: 3.5p1 Platform: Other OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: ssh

Hi, I submitted a patch back in November of 2009 to add local validation of DNSSEC record to openssh. I recent updated the patch for 5.8, and figured I do a little marketing while I'm at it. :-) Someone had previously submitted a patch which simply trusted the AD bit in the response, which is susceptible to spoofing by anyone who can inject packets between the resolver and the client. Our

Here you go: OpenSSH_7.9p1, OpenSSL 1.1.1d 10 Sep 2019 debug1: Reading configuration data /home/ryantm/.ssh/config debug1: /home/ryantm/.ssh/config line 4: Applying options for * debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 13: Applying options for * debug2: resolving "{REDACTED}" port 22 debug2: ssh_connect_direct debug1: Connecting to

Hello. I am running OpenSSH 7.9p1 on my client and server. ssh-keyscan shows the server has ssh-rsa, ssh-ed25519, and ecdsa-sha2-nistp256 host keys. My /etc/ssh/ssh_known_hosts file contains the server's ssh-ed25519 host key. When I try to SSH to the server I get this error: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!

https://bugzilla.mindrot.org/show_bug.cgi?id=3216 Bug ID: 3216 Summary: Confusing error "host key ... has changed" when connecting to a server not offering matching host key types Product: Portable OpenSSH Version: 7.9p1 Hardware: ARM64 OS: Linux Status: NEW

Here's another one for ya, I can ssh into my server from workstationB but when I try to ssh into workstationB from my server I get this error message. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone

Hello, While running 'cvs up' against the CVS repository for the portable branch of OpenSSH, I received the following warning: % cvs up @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be

https://bugzilla.mindrot.org/show_bug.cgi?id=3219 Bug ID: 3219 Summary: Can't connect to a server that is using several host keys of the same type Product: Portable OpenSSH Version: 8.4p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5

https://bugzilla.mindrot.org/show_bug.cgi?id=3221 Bug ID: 3221 Summary: hostkey preference ordering is broken in some situations Product: Portable OpenSSH Version: 8.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh

I've got a problem that I'm hoping the list can help with, otherwise ... Heres the problem, I've got OpenSSH 1.2.2p1 running on my Intel Linux box as the secure server. I can connect from another Intel Linux box using scp and it all seems to work fine. Another box tries to connect and it gets a warning about the host keysize not matching. I'm thinking this could be some byte

Hello, a moment ago i got this: : @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ : @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ : @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ : IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! : Someone could be eavesdropping on you right now (man-in-the-middle attack)! : It is also possible that the RSA host key

http://bugzilla.mindrot.org/show_bug.cgi?id=454 ------- Additional Comments From robbat2 at gentoo.org 2004-06-11 15:34 ------- will this ever be implemented, or is it waiting for somebody to send in code for it? existing $HOME/.ssh/known_hosts file has the following format: 'host keytype keydata' where host is a either an IP or a name that resolves to the IP of the machine in

I've running a rsyncd and ssh port forwarding (-R 12345:localhost:873 backup@server) on a client because the client should not reachable but over ssh. The rsyncd should acessible because I can backup and restore files with backuppc (a wonderfull program which use perl::rsync) And I can "ssh -p 12345 backup@localhost" to this client too. If I try to connect (from the machine/user

Greetings, I am trying to cross compile OpenSSH 4.7 for ppc with QNX Neutrino as my OS. I have a workstation with QNX on it (x86) and I have linked the utils used by autoconf to their ppc versions. I have been able to successfully build sshd/ssh. I copy the binaries built on the x86 to the ppc, and sshd works great. I can ssh from any machine to it, but when I try to ssh from the ppc machine to

Folks, I read the 5.7 release announcement and updated, to try out ECDSA. Most parts worked very smoothly. The inability to create SSHFP records is understandable, since IANA haven't allocated a code yet. One apparent bug: I think StrictHostKeyChecking=ask is broken for ECDSA. % ssh -o HostKeyAlgorithms=ecdsa-sha2-nistp256 localhost

Hi, below is a patch to simply mention 'ssh-keygen' when a fingerprint does not match between the known_hosts file and the remote. I find that many people are unaware that ssh-keygen can do this for them. adding a copy-and-pasteable message in the warning will make users more aware. Description: Mention ssh-keygen in ssh fingerprint changed warning Author: Scott Moser <smoser at

https://bugzilla.mindrot.org/show_bug.cgi?id=1843 Summary: ssh should mention ssh-keyscan in remote host fingerprint warning Product: Portable OpenSSH Version: 5.6p1 Platform: All OS/Version: All Status: NEW Severity: minor Priority: P2 Component: ssh AssignedTo: unassigned-bugs

ssh -oStrictHostKeyChecking=no scrub @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just

https://bugzilla.mindrot.org/show_bug.cgi?id=2241 Bug ID: 2241 Summary: ssh-keygen -R removes matching key as well as @cert-authority Product: Portable OpenSSH Version: 6.6p1 Hardware: amd64 OS: Mac OS X Status: NEW Severity: minor Priority: P5 Component: ssh-keygen

Hi all, I noticed a bit of an odd issue with maintaining `known_hosts` when the target machine is behind a bastion using `ProxyJump` or `ProxyCommand` with host key clashes. Client for me right now is OpenSSH_9.3p1 on Gentoo Linux/AMD64. I'm a member of a team, and most of us use Ubuntu (yes, I'm a rebel). Another team who actually maintain this fleet often access the same machines