Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. OpenSSH>
  3. Bugs
[Bug 910] known_hosts port numbers
bugzilla-daemon at mindrot
May 5, 2006, 9:31 PM
Post #1 of 2 (687 views)
Permalink
http://bugzilla.mindrot.org/show_bug.cgi?id=910


dtucker@zip.com.au changed:

What |Removed |Added
----------------------------------------------------------------------------
Attachment #954 is|0 |1
obsolete| |
Attachment #1052 is|0 |1
obsolete| |
Attachment #1073 is|0 |1
obsolete| |




------- Comment #40 from dtucker@zip.com.au 2006-05-06 14:31 -------
Created an attachment (id=1131)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1131&action=view)
Update patch #1073.

Updated the patch to OpenBSD-current. Simplified put_host_port by
using asprintf again (we now have it in Portable's libopenbsd-compat
for platforms that don't have a native one).

BTW we're not using the method in patch #1052 ("ip:host"
unconditionally) because it will invalidate all existing known_hosts
files (see comment #15).




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
http://www.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 910] known_hosts port numbers [ In reply to ]
bugzilla-daemon at mindrot
May 5, 2006, 9:50 PM
Post #2 of 2 (644 views)
Permalink
http://bugzilla.mindrot.org/show_bug.cgi?id=910





------- Comment #41 from dtucker@zip.com.au 2006-05-06 14:50 -------
Created an attachment (id=1132)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1132&action=view)
Patch #1073 with fallback.

This is essentially the same as patch #1131, except that it also checks
for a matching hostkey without the port identifier.

Currently, if you have something like this in ssh_config:

Host foo
Hostname foo.example.com
Port 222

then you will have an entry like this in ssh_config:

foo.example.com ssh-rsa AAAA[...]

With patch #1131, this will no longer match since it's a non-default
port. This patch adds a second check for this condition, so the key
verification doesn't fail.

Note that this only occurs when a) you *do* use a non-default port and
b) you *don't* use a HostKeyAlias, so unless both of these are true
patch #1131 will behave the same as you're used to.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
http://www.mindrot.org/mailman/listinfo/openssh-bugs

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal