Displaying 20 results from an estimated 11000 matches similar to: "[Bug 523] ssh saves only host/ip information in known_hosts while port information is missing"
2011 Jul 20
1
auto-accept keys matching DNSSEC-validated SSHFP records
Hi,
I submitted a patch back in November of 2009 to add local validation of
DNSSEC record to openssh. I recent updated the patch for 5.8, and
figured I do a little marketing while I'm at it. :-)
Someone had previously submitted a patch which simply trusted the AD
bit in the response, which is susceptible to spoofing by anyone who can
inject packets between the resolver and the client. Our
2008 Jan 04
2
[Bug 1426] New: ssh key verification hint (on remote side)
https://bugzilla.mindrot.org/show_bug.cgi?id=1426
Summary: ssh key verification hint (on remote side)
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.7p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: bitbucket at
2003 Jun 18
1
[Bug 598] case sensitive in host matching
http://bugzilla.mindrot.org/show_bug.cgi?id=598
Summary: case sensitive in host matching
Product: Portable OpenSSH
Version: -current
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: misiek at
2003 Dec 18
2
known_hosts, IP, and port revisited
I dug through the list archives to see if this had come up before, and I
see that a bug <http://bugzilla.mindrot.org/show_bug.cgi?id=393> was
submitted and subsequently closed (basically rejected) in 2002.
The basic issue, for those of you who don't feel like following the bug
URL, is that when one has ssh servers behind a NAT, each of which responds
to a different port on the NAT IP,
2003 Mar 04
0
hashing known_hosts
Scenario:
I have access to a semi-public (about 30 users) server where I keep my
webpage. Occasionally, especially if I'm on the road. I use this as a
bounce point to get to "secured" systems which only allow ssh from
certian IP's. (Ignoring the discussion on spoofing, since we have host
keys)
But host keys are the problem. If anyone gets root on this hypothetical
2000 Mar 18
2
Keysize mismatch error on host key
I've got a problem that I'm hoping the list can help with, otherwise ...
Heres the problem, I've got OpenSSH 1.2.2p1 running on my Intel Linux
box as the secure server. I can connect from another Intel Linux box
using scp and it all seems to work fine.
Another box tries to connect and it gets a warning about the host
keysize not matching. I'm thinking this could be some byte
2009 Feb 16
1
StrictHostKeyChecking is being ignored
ssh -oStrictHostKeyChecking=no scrub
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just
2011 Sep 28
1
Fingerprint mismatch upon cvs update
Hello,
a moment ago i got this:
: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
: @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
: IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
: Someone could be eavesdropping on you right now (man-in-the-middle attack)!
: It is also possible that the RSA host key
2004 Aug 13
3
ssh problems
Here's another one for ya,
I can ssh into my server from workstationB but when I
try to ssh into workstationB from my server I get this
error message.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone
2020 Sep 29
5
[Bug 3216] New: Confusing error "host key ... has changed" when connecting to a server not offering matching host key types
https://bugzilla.mindrot.org/show_bug.cgi?id=3216
Bug ID: 3216
Summary: Confusing error "host key ... has changed" when
connecting to a server not offering matching host key
types
Product: Portable OpenSSH
Version: 7.9p1
Hardware: ARM64
OS: Linux
Status: NEW
2013 Jul 23
1
ECDSA key on anoncvs.mindrot.org
Hello,
While running 'cvs up' against the CVS repository for the portable
branch of OpenSSH, I received the following warning:
% cvs up
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be
2008 Jun 12
3
[Bug 1476] New: .ssh/known_hosts does not save port number
https://bugzilla.mindrot.org/show_bug.cgi?id=1476
Summary: .ssh/known_hosts does not save port number
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.0p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: minor
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at
2020 Sep 16
2
ssh-ed25519 and ecdsa-sha2-nistp256 host keys
Hello.
I am running OpenSSH 7.9p1 on my client and server. ssh-keyscan shows
the server has ssh-rsa, ssh-ed25519, and ecdsa-sha2-nistp256 host
keys. My /etc/ssh/ssh_known_hosts file contains the server's
ssh-ed25519 host key. When I try to SSH to the server I get this
error:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
2011 Jan 24
1
ECDSA and first connection; bug?
Folks,
I read the 5.7 release announcement and updated, to try out ECDSA. Most
parts worked very smoothly. The inability to create SSHFP records is
understandable, since IANA haven't allocated a code yet.
One apparent bug: I think StrictHostKeyChecking=ask is broken for ECDSA.
% ssh -o HostKeyAlgorithms=ecdsa-sha2-nistp256 localhost
2020 Sep 16
2
ssh-ed25519 and ecdsa-sha2-nistp256 host keys
Here you go:
OpenSSH_7.9p1, OpenSSL 1.1.1d 10 Sep 2019
debug1: Reading configuration data /home/ryantm/.ssh/config
debug1: /home/ryantm/.ssh/config line 4: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 13: Applying options for *
debug2: resolving "{REDACTED}" port 22
debug2: ssh_connect_direct
debug1: Connecting to
2002 Apr 10
2
I need to be able to turn off host checking entirely
I have a small LAN. The entire system is within my view - all the
hosts, the switch and the wire. If someone is in a a position to do a
"man in the middle" attack, there's no need - they already have me.
Over the other side of the room, and beside my desk, I have test
systems. I use disk caddies (see www.vipower.com for examples) and can
switch operating systems in about the
2008 Oct 29
0
ssh disregarding umask for creation of known_hosts (and other files?)
Hey folks--
When ssh creates a known_hosts file for a user, it disregards the
currently-set umask, and can actually turn on mode bits that the user
has explicitly masked. While i'm happy to have ssh make files *more*
secure than my umask (in situations where that's reasonable, like the
creation of new ssh keys, etc), i'm not sure that i see the point in
ssh making the files more open
2009 Sep 26
0
[Bug 1654] New: ~/.ssh/known_hosts.d/*
https://bugzilla.mindrot.org/show_bug.cgi?id=1654
Summary: ~/.ssh/known_hosts.d/*
Product: Portable OpenSSH
Version: 5.1p1
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: josh at
2013 Nov 11
4
[Bug 2169] New: command to remove outdated hostkey from known_hosts file wrong
https://bugzilla.mindrot.org/show_bug.cgi?id=2169
Bug ID: 2169
Summary: command to remove outdated hostkey from known_hosts
file wrong
Product: Portable OpenSSH
Version: 6.2p1
Hardware: Other
OS: Linux
Status: NEW
Severity: minor
Priority: P5
Component: ssh
2020 Oct 19
6
[Bug 3221] New: hostkey preference ordering is broken in some situations
https://bugzilla.mindrot.org/show_bug.cgi?id=3221
Bug ID: 3221
Summary: hostkey preference ordering is broken in some
situations
Product: Portable OpenSSH
Version: 8.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh