similar to: known_hosts

Displaying 20 results from an estimated 6000 matches similar to: "known_hosts"

2024 Oct 17
2
Re: Re: SSH host key rotation – known_hosts file not updated
On Mon, Oct 14, 2024 at 5:33?AM Jan Eden via openssh-unix-dev <openssh-unix-dev at mindrot.org> wrote: redacted hostname and port ? sorry, should have mentioned that. > > > Anyway, in answer to your question. The "host key found matching a different > > name/address" is triggered when a key received from the server in an update > > already exists under a
2016 Apr 01
4
[Bug 2560] New: sshd: Description of hashed known_hosts file does not make sense and format is outdated
https://bugzilla.mindrot.org/show_bug.cgi?id=2560 Bug ID: 2560 Summary: sshd: Description of hashed known_hosts file does not make sense and format is outdated Product: Portable OpenSSH Version: -current Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5
2024 Feb 17
1
How to remove old entries from known_hosts?
Brian Candler wrote: > Chris Green wrote: > > ... redundant ones are because I have a mixed population of > > Raspberry Pis and such on my LAN and they get rebuilt fairly > > frequently and thus, each time, get a new entry in known_hosts. > ...many useful tips... > To disable host key checking altogether for certain domains and/or networks, > you can put this in
2010 Mar 29
18
please decrypt your manuals
I. most of ssh manual and all sshd manual present server and client as one machine, called host. All files mentioned are placed on one machine. This is incorrect, and makes the explanation unclear. For example, man sshd SSH_KNOWN_HOSTS FILE FORMAT suggests to copy keys from /etc/ssh/ssh_host_key.pub into /etc/ssh/ssh_known_hosts, as if those files are on the same machine. II. a general
2024 Feb 14
1
How to remove old entries from known_hosts?
On 14/02/2024 11:42, Chris Green wrote: > Is there any way to remove old entries from the known_hosts file? With > the hashed 'names' one can't easily see which entries are which. I > have around 150 lines in my known hosts but in reality I only ssh to a > dozen or so systems. All the redundant ones are because I have a > mixed population of Raspberry Pis and such on
2020 Sep 16
2
ssh-ed25519 and ecdsa-sha2-nistp256 host keys
Hello. I am running OpenSSH 7.9p1 on my client and server. ssh-keyscan shows the server has ssh-rsa, ssh-ed25519, and ecdsa-sha2-nistp256 host keys. My /etc/ssh/ssh_known_hosts file contains the server's ssh-ed25519 host key. When I try to SSH to the server I get this error: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
2011 Oct 03
2
sshkey resource type in Ubuntu 10.04
Hi, I''m attempting to distribute a known host ssh key (for github) to an Ubuntu 10.04 host. Puppet is distributing the key into /etc/ssh/ ssh_known_hosts as: github.com ssh-rsa [really long ssh-rsa key] However, Ubuntu seems to expect the key in this format: |1|[really long ssh-rsa key] (note all the keys in my known_hosts and ssh_known_hosts not managed by puppet are prepended with
2002 Jan 13
7
Public storage for public keys
This question should be asked before, but I fail to find the discussion. What options can be used for storing host/users pubkeys in a publically available places? I know openssh currently provide option except if /etc/ssh_known_hosts and ~/.ssh/known_hosts. But what about many machines? Think of e.g. pgp keyservers. Note that pgp keyservers isn't a good solution *always*. The best one
2013 Aug 13
2
Collector not realizing own exported resources when filtering on tags
I''m trying to create a ssh class where the /etc/ssh/ssh_known_hosts and /etc/ssh/shosts.equiv stays updated. The issue i''m finding is that if I include a "tag == anything" in the Collector filter, it collects all resources EXCEPT it''s own. In this case, the known_hosts and .equiv files will have all the other hostnames, but not it''s own hostname.
2017 May 15
5
Golang CertChecker hostname validation differs to OpenSSH
Hi all, Last week I noticed that the CertChecker in the Go implementation of x/crypto/ssh seems to be doing host principal validation incorrectly and filed the following bug: https://github.com/golang/go/issues/20273 By default they are looking for a principal named "host:port" inside of the certificate presented by the server, instead of just looking for the host as I believe OpenSSH
2019 Aug 06
2
Dovecot replication and userdb "noreplicate".
On 06.08.2019 23:17, Reio Remma via dovecot wrote: > On 24.06.2019 16:25, Reio Remma wrote: >> On 24.06.2019 8:21, Aki Tuomi wrote: >>> On 22.6.2019 22.00, Reio Remma via dovecot wrote: >>>> Jun 22 16:55:22 host dovecot: dsync-local(user at host.ee)<>: Error: >>>> Remote command returned error 84: ssh -i /home/vmail/.ssh/vmail.pem -l >>>>
2003 Oct 20
12
[Bug 747] host authentication requires RSA1 keys
http://bugzilla.mindrot.org/show_bug.cgi?id=747 Summary: host authentication requires RSA1 keys Product: Portable OpenSSH Version: 3.7.1p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Documentation AssignedTo: openssh-bugs at mindrot.org ReportedBy:
2024 Jan 01
2
ssh keys hostname VS fqdn - offends?
Hi guys Though being a mere user, - as opposed to an expert - in many long years of ssh in my use this, is new: -> $ ssh box5.proxmox.mine hostname -i 10.3.1.78 -> $ ssh box5 hostname -i Warning: the RSA host key for 'box5' differs from the key for the IP address '10.3.1.78' Offending key for IP in /root/.ssh/known_hosts:2 Matching host key in /etc/ssh/ssh_known_hosts:2
2020 Mar 24
2
[Feature Request] Add (and check against) IP to known_hosts even when domain is used to connect
Hello Bob and thank you for your reply, first of all I hope that I'm answering in the right way since I had enabled the daily digest and I'm not sure if it's the right way to use Thunderbirds "Reply List" feature on this digest. If it's wrong this way I apologize. I turned of the daily digest so my next messages should be correct. > Are you aware of HostKeyAlias?
2001 Sep 26
3
OpenSSH 2.9.9
OpenSSH 2.9.9 has just been uploaded. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH 2.9.9 fixes a weakness in the key file option handling, including source IP based access control. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. This release contains many portability
2023 Nov 10
1
@cert-authority for hostbased auth - sans shosts?
On 09/11/23, Marian Beermann (public at enkore.de) wrote: > ... while OpenSSH does support using a CA in conjunction with hostbased > authentication, it still requires a list of all authorized host names in the > rhosts / shosts file. I'm not familiar with the use of .rhosts/.shosts, but I don't think those are needed at all with a machine or per-user known_hosts file/files
2015 Jan 09
5
OpenSSH_6.7p1 hostbased authentication failing on linux->linux connection. what's wrong with my config?
Hi, On Fri, Jan 9, 2015, at 10:48 AM, Tim Rice wrote: > My ssh_config has > Host * > HostbasedAuthentication yes > EnableSSHKeysign yes > NoHostAuthenticationForLocalhost yes > > NoHostAuthenticationForLocalhost is not necessary. > The one you are missing is EnableSSHKeysign. > > Additionally, you made no mention of your ssh_known_hosts files. Make > sure
2007 Apr 04
5
sshkey
Hello all, How are you using the sshkey type? Are you using it to list hosts and keys in a class that nodes include in order to manage /etc/ssh/ssh_known_hosts or something else? How does any of this relate to the sshrsakey and sshdsakey facts on the host? I read some stuff about this on the Virtual Resources page but it''s too vague for my simple mind and I''d be reluctant to use
2019 Jun 24
2
Dovecot replication and userdb "noreplicate".
On 24.06.2019 8:21, Aki Tuomi wrote: > On 22.6.2019 22.00, Reio Remma via dovecot wrote: >> Hello! >> >> I finally took the time and spent two days to set up replication for >> my server and now I have a question or two. >> >> I initially set noreplicate userdb field to 1 for all but a test user, >> but I could still see in the logs that all mailboxes
2020 Sep 30
3
Human readable .ssh/known_hosts?
On Tue, 29 Sep 2020 at 23:16, Nico Kadel-Garcia <nkadel at gmail.com> wrote: [...] > I gave up on $HOME/.ssh/known_hosts a *long* time ago, because if > servers are DHCP distributed without static IP addresses they can wind > up overlapping IP addresses with mismatched hostkeys You can set CheckHostIP=no in your config. As long as the names don't change it'll do what you