Hi,

I am using a Linux build of OpenSSH portable. I have been struggling
today with intermittently not being able to use "ssh-keygen -F" to find
hosts in my known_hosts file in the case where the file is hashed and
the remote server uses a non-standard port.

The reason for this turns out to be that ssh-keyscan does not include
port numbers when hashing its output. This is inconsistent with the ssh
client, which does include the port when writing hashed entries to
known_hosts.

The OpenSSH client works around this by searching the hosts file for
entries both with and without the port number; however, this behaviour
does not seem ideal, particularly in the case of attempting to use
"ssh-keygen -F" to check for entries manually.

I believe the solution would be to change keyprint_one() in
ssh-keyscan.c to generate hashes using host_hash(hostport, NULL, 0)
rather than host_hash(host, NULL, 0).

I have not tested this fix but thought I would defer to the opinion of
the developers.

Thank you,
Charlie
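
The mismatch described in the message above, as an added example that is not part of the original post and not OpenSSH code: a hashed known_hosts host field is `|1|base64(salt)|base64(HMAC-SHA1(salt, name))`, so an entry hashed from the bare host name cannot match a lookup for `[host]:port`. The host name, port, salts, key blob and all function names here are constructed for illustration.

```python
import base64, hashlib, hmac

MAGIC = "|1|"  # prefix of an HMAC-SHA1 hashed host field in known_hosts

def host_name(host, port=22):
    """Name form written by the ssh client: bare host on 22, else [host]:port."""
    return host if port == 22 else f"[{host}]:{port}"

def hash_host(name, salt):
    """Hashed field: |1|base64(salt)|base64(HMAC-SHA1(key=salt, msg=name))."""
    mac = hmac.new(salt, name.encode(), hashlib.sha1).digest()
    return MAGIC + base64.b64encode(salt).decode() + "|" + base64.b64encode(mac).decode()

def entry_matches(field, name):
    """Recompute the HMAC with the entry's own salt; constant-time compare."""
    if not field.startswith(MAGIC):
        return False
    try:
        salt_b64, mac_b64 = field[len(MAGIC):].split("|")
        salt = base64.b64decode(salt_b64, validate=True)
        mac = base64.b64decode(mac_b64, validate=True)
    except ValueError:  # wrong field count or bad base64
        return False
    return hmac.compare_digest(hmac.new(salt, name.encode(), hashlib.sha1).digest(), mac)

def find_host(lines, host, port=22, also_try_bare_host=False):
    """Return indexes of hashed entries matching host:port.

    also_try_bare_host=True imitates the client fallback described in the post
    (search with and without the port); False is the strict lookup."""
    names = [host_name(host, port)]
    if also_try_bare_host and port != 22:
        names.append(host)
    hits = []
    for i, line in enumerate(lines):
        fields = line.split()
        if fields and not line.startswith("#") and any(entry_matches(fields[0], n) for n in names):
            hits.append(i)
    return hits

# Constructed sample data: host, port, salts and key blob are placeholders.
KEY = "ssh-ed25519 AAAA_CONSTRUCTED_KEY_BLOB"
CLIENT_LINE = hash_host(host_name("host.example", 2222), bytes(range(20))) + " " + KEY
KEYSCAN_LINE = hash_host("host.example", bytes(range(20, 40))) + " " + KEY  # port omitted

if __name__ == "__main__":
    lines = [CLIENT_LINE, KEYSCAN_LINE]
    print("strict lookup:", find_host(lines, "host.example", 2222))
    print("with fallback:", find_host(lines, "host.example", 2222, True))
```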