similar to: [Bug 3163] New: teach ssh-keyscan to use ssh_config (plus options like ProxyJump)

On Mon, 27 Feb 2023, Keine Eile wrote: > Hi ML members, > > is there a reason, why ssh-keyscan does not use Host definitions from > .ssh/config but does only relys on DNS host names? I have a quite long list of > host names and a not that well maintained name server. Mostly to keep ssh-keyscan simple. ssh_config contains a lot more options than Host/Hostname that we'd need to

Hi all, I noticed a bit of an odd issue with maintaining `known_hosts` when the target machine is behind a bastion using `ProxyJump` or `ProxyCommand` with host key clashes. Client for me right now is OpenSSH_9.3p1 on Gentoo Linux/AMD64. I'm a member of a team, and most of us use Ubuntu (yes, I'm a rebel). Another team who actually maintain this fleet often access the same machines

On 18/8/23 15:39, Darren Tucker wrote: >> Host mytarget >> Hostname 172.16.1.2 >> ProxyJump user2 at bastion2 > I think you just need "HostKeyAlias mytarget" here. Ahh, in my scanning through the `ssh_config` manpage, I missed this, and change logs seem to indicate this feature has been around since at least 2017, so should not cause

My company uses a certain product which forces me to use a jumphost / ssh proxy. When connecting to a server I have to type "ssh myuser at technicaluser@targethost at jumphost" everytime. I tried to simplify this by editing my ssh_config and putting this into the file: Host targethost ProxyJump technicaluser at jumphost These lines are recognized but don't work like intended

https://bugzilla.mindrot.org/show_bug.cgi?id=3057 Bug ID: 3057 Summary: Fork-bomb when misconfiguring a host to ProxyJump onto itself Product: Portable OpenSSH Version: 7.9p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh

http://bugzilla.mindrot.org/show_bug.cgi?id=1213 Summary: ssh-keyscan exits in mid-way Product: Portable OpenSSH Version: 4.3p2 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Miscellaneous AssignedTo: bitbucket at mindrot.org ReportedBy: tryponraj at

Hi ML members, is there a reason, why ssh-keyscan does not use Host definitions from .ssh/config but does only relys on DNS host names? I have a quite long list of host names and a not that well maintained name server.

On Fri, 18 Aug 2023 at 15:25, Stuart Longland VK4MSL <me at vk4msl.com> wrote: [...] > The crux of this is that we cannot assume the local IPv4 address is > unique, since it's not (and in many cases, not even static). If the IP address is not significant, you can tell ssh to not record them ("CheckHostIP no"). [...] > Host mytarget > Hostname 172.16.1.2

OpenSSH 8.0 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested

https://bugzilla.mindrot.org/show_bug.cgi?id=2744 Bug ID: 2744 Summary: ProxyJump causes "Killed by signal 1" to be printed in terminal. Product: Portable OpenSSH Version: 7.5p1 Hardware: Other OS: Linux Status: NEW Severity: trivial Priority: P5 Component:

OpenSSH 9.4 has just been released. It will be available from the mirrors listed at https://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested

On Fri, 18 Aug 2023 at 17:18, Stuart Longland VK4MSL <me at vk4msl.com> wrote: > On 18/8/23 15:39, Darren Tucker wrote: [...] > > I think you just need "HostKeyAlias mytarget" here. > > Ahh, in my scanning through the `ssh_config` manpage, I missed this, and > change logs seem to indicate this feature has been around since at least > 2017, so should not cause

On 18/8/23 18:37, Jochen Bern wrote: > On 18.08.23 07:39, Darren Tucker wrote: >> On Fri, 18 Aug 2023 at 15:25, Stuart Longland VK4MSL <me at vk4msl.com> >> wrote: >> [...] >>> The crux of this is that we cannot assume the local IPv4 address is >>> unique, since it's not (and in many cases, not even static). >> >> If the IP address is

Compiled on OpenIndiana using GCC 11 :; SunOS 5.11 illumos-2e79e00041 illumos Although snapshot was downloaded, it shows 9.3 version: :; ssh -V OpenSSH_9.3p1-snap20230809, OpenSSL 1.1.1v? 1 Aug 2023 Thanks and regards. On 31.07.2023 08:12, Damien Miller wrote: > Hi, > > OpenSSH 9.4 is almost ready for release, so we would appreciate testing > on as many platforms and systems as

http://bugzilla.mindrot.org/show_bug.cgi?id=198 Summary: Error getting file with sftp on old F-Secure servers Product: Portable OpenSSH Version: 3.1p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: major Priority: P2 Component: sftp AssignedTo: openssh-unix-dev at mindrot.org

Hello, On macOS, Terminal?s ?New Remote Connection?? command runs ssh in a new window like this: login -pfq $USER /usr/bin/ssh $HOST Here, login executes /usr/bin/ssh with argv[0] set to ?-ssh?. If $HOST has a ProxyJump configuration, the resulting ProxyCommand is: -ssh -W '[%h]:%p' $JUMP_HOST Because of the leading hyphen, this fails to execute. If the user?s shell is zsh, the

https://bugzilla.mindrot.org/show_bug.cgi?id=3582 Bug ID: 3582 Summary: Confusing error message when using ProxyJump Product: Portable OpenSSH Version: 9.3p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at

http://bugzilla.mindrot.org/show_bug.cgi?id=187 Summary: ssh-keygen not converting from and to SECSH standard correctly Product: Portable OpenSSH Version: 3.1p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: ssh-keygen AssignedTo:

Hi, I'm very grateful for the new ProxyJump option. It helps tremendously! One small question I'd like to ask, though: Is there a way to skip one (mostly the first) jump host if the machine is in some specific network? For example, from home, I (resp. a shell script) need to jump to the office's server, a customers' login host, and then to the destination node; from the

https://bugzilla.mindrot.org/show_bug.cgi?id=3186 Bug ID: 3186 Summary: ProxyJump should include IdentityFile when specified Product: Portable OpenSSH Version: 8.3p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: