Re: Can we have better ssh fingerprint collision messages?

Once upon a time, Reindl Harald <h.reindl@xxxxxxxxxxxxx> said:
> these lines are not written by hand and i replaced the key from "AAA" to "=="
> of the first one with the key off a completely different host in the file
> resulting in the message i posted by ssh "harry@srv-rhsoft"

Replacing characters is making entries "by hand".  Replacing the first
characters with "==" creates an invalid key (it is base64 encoded which
cannot have "=" characters except at the end for padding as needed); it
could be OpenSSH ignores invalid lines (I don't know).

> > If there is no match to the host, you get the output you described; if
> > there is a match but the key is different, you get the original poster's
> > desired output.  This is standard (and I believe non-configurable)
> > OpenSSH behavior going back to the beginning (and IIRC to the original
> > SSH code before OpenSSH started)
> 
> and as i have proven this is *not true* in all situations - period

That is incorrect.  The way to "prove" it is to connect to a host,
change its host key (easiest way is to move /etc/ssh/*key* aside and
restart sshd), and connect again.

Otherwise, show a case that didn't involve editing the known_hosts file.
The OpenSSH code only works one way.
-- 
Chris Adams <linux@xxxxxxxxxxx>
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
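
The message above distinguishes two lookup outcomes (no entry for the host versus an entry whose key differs) and notes that "=" is only valid as trailing base64 padding. The following is an added example, not part of the original message and not OpenSSH code: a small auditor for known_hosts text that flags hand-edited key blobs and classifies a presented key. It assumes plain (unhashed) host names with no wildcards or markers, and it assumes an unparsable entry is treated as absent, which the message itself leaves open; all function names and sample keys are constructed for illustration.

```python
import base64, binascii, struct

def decode_key(keytype, b64):
    """Return the decoded blob, or None if the base64 or the embedded type is invalid."""
    try:
        blob = base64.b64decode(b64, validate=True)  # strict: '=' only as trailing padding
    except (binascii.Error, ValueError):
        return None
    if len(blob) < 4:
        return None
    (n,) = struct.unpack(">I", blob[:4])             # SSH wire format: length-prefixed type name
    return blob if blob[4:4 + n] == keytype.encode() else None

def check_host(known_hosts_text, host, keytype, b64key):
    """Classify a presented key as 'unknown' (no usable entry), 'match' or 'changed'."""
    presented = decode_key(keytype, b64key)
    result = "unknown"
    for line in known_hosts_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].startswith(("#", "@")):
            continue                                 # comments and marker lines: out of scope here
        hosts, ktype, kb64 = fields[:3]
        if host not in hosts.split(",") or ktype != keytype:
            continue
        blob = decode_key(ktype, kb64)
        if blob is None:
            continue                                 # assumption: an invalid entry counts as absent
        if blob == presented:
            return "match"
        result = "changed"                           # host is known, but under a different key
    return result

def fake_key(keytype, fill):
    """Constructed sample blob (type string + 32 filler bytes); not a real key."""
    t = keytype.encode()
    blob = struct.pack(">I", len(t)) + t + struct.pack(">I", 32) + bytes([fill]) * 32
    return base64.b64encode(blob).decode()

KT = "ssh-ed25519"
KEY_A, KEY_B, KEY_NEW = (fake_key(KT, n) for n in (1, 2, 3))
SAMPLE = "\n".join([                                 # constructed known_hosts content
    f"srv-a {KT} =={KEY_A[2:]}",                     # hand-edited: leading '==' breaks base64
    f"srv-b,192.0.2.10 {KT} {KEY_B}",
])

if __name__ == "__main__":
    for h, k in [("srv-a", KEY_A), ("srv-b", KEY_B), ("srv-b", KEY_NEW), ("srv-c", KEY_NEW)]:
        print(h, check_host(SAMPLE, h, KT, k))
```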




