similar to: [Bug 523] ssh saves only host/ip information in known_hosts while port information is missing

Hi, I submitted a patch back in November of 2009 to add local validation of DNSSEC record to openssh. I recent updated the patch for 5.8, and figured I do a little marketing while I'm at it. :-) Someone had previously submitted a patch which simply trusted the AD bit in the response, which is susceptible to spoofing by anyone who can inject packets between the resolver and the client. Our

https://bugzilla.mindrot.org/show_bug.cgi?id=1426 Summary: ssh key verification hint (on remote side) Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: Other OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: bitbucket at

http://bugzilla.mindrot.org/show_bug.cgi?id=598 Summary: case sensitive in host matching Product: Portable OpenSSH Version: -current Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-bugs at mindrot.org ReportedBy: misiek at

I dug through the list archives to see if this had come up before, and I see that a bug <http://bugzilla.mindrot.org/show_bug.cgi?id=393> was submitted and subsequently closed (basically rejected) in 2002. The basic issue, for those of you who don't feel like following the bug URL, is that when one has ssh servers behind a NAT, each of which responds to a different port on the NAT IP,

Scenario: I have access to a semi-public (about 30 users) server where I keep my webpage. Occasionally, especially if I'm on the road. I use this as a bounce point to get to "secured" systems which only allow ssh from certian IP's. (Ignoring the discussion on spoofing, since we have host keys) But host keys are the problem. If anyone gets root on this hypothetical

I've got a problem that I'm hoping the list can help with, otherwise ... Heres the problem, I've got OpenSSH 1.2.2p1 running on my Intel Linux box as the secure server. I can connect from another Intel Linux box using scp and it all seems to work fine. Another box tries to connect and it gets a warning about the host keysize not matching. I'm thinking this could be some byte

ssh -oStrictHostKeyChecking=no scrub @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just

Hello, a moment ago i got this: : @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ : @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ : @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ : IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! : Someone could be eavesdropping on you right now (man-in-the-middle attack)! : It is also possible that the RSA host key

Here's another one for ya, I can ssh into my server from workstationB but when I try to ssh into workstationB from my server I get this error message. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone

https://bugzilla.mindrot.org/show_bug.cgi?id=3216 Bug ID: 3216 Summary: Confusing error "host key ... has changed" when connecting to a server not offering matching host key types Product: Portable OpenSSH Version: 7.9p1 Hardware: ARM64 OS: Linux Status: NEW

Hello, While running 'cvs up' against the CVS repository for the portable branch of OpenSSH, I received the following warning: % cvs up @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be

https://bugzilla.mindrot.org/show_bug.cgi?id=1476 Summary: .ssh/known_hosts does not save port number Classification: Unclassified Product: Portable OpenSSH Version: 5.0p1 Platform: All OS/Version: Linux Status: NEW Severity: minor Priority: P2 Component: ssh AssignedTo: unassigned-bugs at

Hello. I am running OpenSSH 7.9p1 on my client and server. ssh-keyscan shows the server has ssh-rsa, ssh-ed25519, and ecdsa-sha2-nistp256 host keys. My /etc/ssh/ssh_known_hosts file contains the server's ssh-ed25519 host key. When I try to SSH to the server I get this error: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!

Folks, I read the 5.7 release announcement and updated, to try out ECDSA. Most parts worked very smoothly. The inability to create SSHFP records is understandable, since IANA haven't allocated a code yet. One apparent bug: I think StrictHostKeyChecking=ask is broken for ECDSA. % ssh -o HostKeyAlgorithms=ecdsa-sha2-nistp256 localhost

Here you go: OpenSSH_7.9p1, OpenSSL 1.1.1d 10 Sep 2019 debug1: Reading configuration data /home/ryantm/.ssh/config debug1: /home/ryantm/.ssh/config line 4: Applying options for * debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 13: Applying options for * debug2: resolving "{REDACTED}" port 22 debug2: ssh_connect_direct debug1: Connecting to

I have a small LAN. The entire system is within my view - all the hosts, the switch and the wire. If someone is in a a position to do a "man in the middle" attack, there's no need - they already have me. Over the other side of the room, and beside my desk, I have test systems. I use disk caddies (see www.vipower.com for examples) and can switch operating systems in about the

Hey folks-- When ssh creates a known_hosts file for a user, it disregards the currently-set umask, and can actually turn on mode bits that the user has explicitly masked. While i'm happy to have ssh make files *more* secure than my umask (in situations where that's reasonable, like the creation of new ssh keys, etc), i'm not sure that i see the point in ssh making the files more open

https://bugzilla.mindrot.org/show_bug.cgi?id=1654 Summary: ~/.ssh/known_hosts.d/* Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo: unassigned-bugs at mindrot.org ReportedBy: josh at

https://bugzilla.mindrot.org/show_bug.cgi?id=2169 Bug ID: 2169 Summary: command to remove outdated hostkey from known_hosts file wrong Product: Portable OpenSSH Version: 6.2p1 Hardware: Other OS: Linux Status: NEW Severity: minor Priority: P5 Component: ssh

https://bugzilla.mindrot.org/show_bug.cgi?id=3221 Bug ID: 3221 Summary: hostkey preference ordering is broken in some situations Product: Portable OpenSSH Version: 8.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh