Bug#482025: openssh-client: Hashed keys by ssh-keyscan are not accepted by ssh client.
Package: openssh-client
Version: 1:4.3p2-9etch2
Severity: normal
Hi,
while trying to preseed my known_hosts file with keys of our servers, i
stumbled upon that
ssh-keyscan -t rsa,dsa $TARGET,$TARGET_IP > ~/.ssh/known_hosts
ssh $TARGET
(WARNING: overwrites ~/.ssh/known_hosts, use a dedicated test user!)
works just fine (don't need to confirm the hostkey of $TARGET any
more), but when creating the recommended hashed hostkeynames with
ssh-keyscan -H -t rsa,dsa $TARGET,$TARGET_IP > ~/.ssh/known_hosts
ssh $TARGET
I'm still asked by ssh to confirm the hostkey. So there seems
to be some problem with the hashing algorithm in ssh-keyscan.
Yours
Karsten
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-6-amd64
Locale: LANG=en_US.UTF-8, LC_CTYPE=de_DE (charmap=ISO-8859-1)
Versions of packages openssh-client depends on:
ii add 3.102 Add and remove users and groups
ii deb 1.5.11etch1 Debian configuration management sy
ii dpk 1.13.25 package maintenance system for Deb
ii lib 2.3.6.ds1-13etch5 GNU C Library: Shared libraries
ii lib 1.39+1.40-WIP-2006.11.14+dfsg-2etch1 common error description library
ii lib 2.9.cvs.20050518-2.2 BSD editline and history libraries
ii lib 1.4.4-7etch5 MIT Kerberos runtime libraries
ii lib 5.5-5 Shared libraries for terminal hand
ii lib 0.9.8c-4etch3 SSL shared libraries
ii pas 1:4.0.18.1-7 change and administer password and
ii zli 1:1.2.3-13 compression library - runtime
openssh-client recommends no packages.
-- no debconf information
Reply to: