Re: Disabling host key checking on LAN

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Thu, 27 Aug 2015, Bostjan Skufca wrote:

> Are you connecting by specifying "ssh HOSTNAME" instead of "ssh IP.IP.IP.IP"?
> 
> If this is the case, then "Host 192.168.*.*" line never matches when
> you think it should.
> 
> From ssh_config manpage:
> "The host is the hostname argument given on the command line (i.e. the
> name is not converted to a canonicalized host name before matching)."

Yeah, it's unfortunately quite difficult to implement address matching
in ~/.ssh/config because of the interplay of Host matching, Hostname
directives, hostname canonicalisation*, proxy commands, hosts having
multiple addresses, IPv4/IPv6 and when the addresses are actually
resolved and available to the parser.

I've not figured out a clean way to do it that isn't also complex and
probably fragile to implement.

-d

* that was my contribution to the problem :/
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux