
Losing keys from known_hosts?



Hi *,

we’ve been seeing a really weird behaviour for a while, as far as we can
tell since some openssh security update?

We’re losing SSH host keys in known_hosts. The entries are there, then,
days or weeks later, they’re no longer there.

We disabled host key hashing, but the effect is still there.

The SSH clients known to show this are wheezy and sid.
The SSH servers known to show this are wheezy and trusty.

I notice that, when ssh’ing to the box and yes’ing the host key, the
entry added is ecdsa-sha2-nistp256 instead of ssh-rsa like all the
others. No idea if this is connected. They do work, for a while.

I also have no idea whether this is reproducible, or, if, how.

This is most annoying on Jenkins systems doing automated SSH, as
it breaks the build there, but it also happens on my workstation
(the sid client system above) which doesn’t have such magic.

As far as I can tell, this is limited to Debian and, possibly,
unnamed derivatives thereof.

Does anyone else see this? Is this known?

Thanks in advance,
//mirabilos
