Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. OpenSSH>
  3. Bugs
[Bug 1602] ssh: doesn't handle IPv6 addresses with brackets
bugzilla-daemon at mindrot
May 29, 2020, 6:19 PM
Post #1 of 2 (101 views)
Permalink
https://bugzilla.mindrot.org/show_bug.cgi?id=1602

--- Comment #8 from Marc Herbert <marc.herbert+mindrot@gmail.com> ---
Fun fact: ssh _does_ produce brackets for IPv6 addresses in
.ssh/known_hosts:

[review.openstack.org]:29418,[104.130.246.32]:29418 ssh-rsa
AAAAB3NzaC1yc2...
[review.openstack.org]:29418,[2001:4800:7819:103:be76:4eff:fe04:9229]:29418
ssh-rsa AAAAB3Nza...

But it can't parse back what it printed itself:

ssh ssh://[review.openstack.org]:29418 OK
ssh ssh://[104.130.246.32]:29418 OK
ssh ssh://[2001:4800:7819:103:be76:4eff:fe04:9229]:29418 FAIL with
usage message

OpenSSH_8.2p1, OpenSSL 1.1.1g 21 Apr 2020



Digression: with many operating systems using randomized IPv6 addresses
by default for privacy reasons, using ssh to .local systems on the same
LAN causes uncontrollable .ssh/know_hosts growth.

--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 1602] ssh: doesn't handle IPv6 addresses with brackets [ In reply to ]
bugzilla-daemon at mindrot
May 29, 2020, 6:52 PM
Post #2 of 2 (101 views)
Permalink
https://bugzilla.mindrot.org/show_bug.cgi?id=1602

Darren Tucker <dtucker@dtucker.net> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker@dtucker.net

--- Comment #9 from Darren Tucker <dtucker@dtucker.net> ---
(In reply to Marc Herbert from comment #8)
> Digression: with many operating systems using randomized IPv6
> addresses by default for privacy reasons, using ssh to .local
> systems on the same LAN causes uncontrollable .ssh/know_hosts growth.

You can set CheckHostIP=no for those hosts, eg

Host *.local
CheckHostIP no

--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal