Bug#239397: ssh: does not differentiate identity by port number
Package: ssh
Version: 1:3.6.1p2-12
SSH stores the known_hosts by hostname only when it really needs to include
the port number as well. Some hosts may intentionally forward a specific
port to another host (perhaps inside a firewall) or there may be multiple
servers running on different port numbers. Either way, you can have
different host identifiers per port that must be differentiated in the
known_hosts file.
Currently, after connecting to one port, connections to the another port
on the same host will fail due to an identity mismatch.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
61:e0:a8:16:b9:03:78:d7:b8:0d:68:b4:aa:3f:4e:bd.
Please contact your system administrator.
Add correct host key in /home/anchorage/bcwhite/.ssh/known_hosts to get rid of this message.
Offending key in /home/anchorage/bcwhite/.ssh/known_hosts:6
RSA host key for bcwhite.dhs.org has changed and you have requested strict checking.
Host key verification failed.
lost connection
Brian
( bcwhite@precidia.com )
-------------------------------------------------------------------------------
I didn't fight my way to the top of the food chain to be a vegetarian.
Reply to: