openssh-client: Hashed keys by ssh-keyscan are not accepted by ssh client.
Karsten Heymann
kheymann at blue-cable.net
Tue May 20 08:32:30 UTC 2008
Package: openssh-client
Version: 1:4.7p1-8ubuntu1.2
Severity: normal
Hi,
while trying to preseed my known_hosts file with keys of our servers, i
stumbled upon that
ssh-keyscan -t rsa,dsa $TARGET,$TARGET_IP > ~/.ssh/known_hosts
ssh $TARGET
(WARNING: overwrites ~/.ssh/known_hosts, use a dedicated test user!)
works just fine (don't need to confirm the hostkey of $TARGET any more),
but
when creating the recommended hashed hostkeynames with
ssh-keyscan -H -t rsa,dsa $TARGET,$TARGET_IP > ~/.ssh/known_hosts
ssh $TARGET
I'm still asked by ssh to confirm the hostkey. So there seems to be some
problem with the hashing algorithm in ssh-keyscan.
Yours
Karsten
-- System Information:
Debian Release: lenny/sid
APT prefers hardy-updates
APT policy: (500, 'hardy-updates'), (500, 'hardy-security'), (500, 'hardy-backports'), (500, 'hardy'), (500, 'gutsy')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.24-16-generic (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages openssh-client depends on:
ii adduser 3.105ubuntu1 add and remove users and groups
ii debconf [debco 1.5.20 Debian configuration management sy
ii dpkg 1.14.16.6ubuntu3 package maintenance system for Deb
ii libc6 2.7-10ubuntu3 GNU C Library: Shared libraries
ii libcomerr2 1.40.8-2ubuntu2 common error description library
ii libedit2 2.9.cvs.20050518-4 BSD editline and history libraries
ii libkrb53 1.6.dfsg.3~beta1-2ubuntu1 MIT Kerberos runtime libraries
ii libncurses5 5.6+20071124-1ubuntu2 Shared libraries for terminal hand
ii libssl0.9.8 0.9.8g-4ubuntu3.1 SSL shared libraries
ii passwd 1:4.0.18.2-1ubuntu2 change and administer password and
ii zlib1g 1:1.2.3.3.dfsg-7ubuntu1 compression library - runtime
Versions of packages openssh-client recommends:
ii xauth 1:1.0.2-2 X authentication utility
-- no debconf information
More information about the ubuntu-users
mailing list