[Bug 910] known_hosts port numbers
bugzilla-daemon at mindrot.org
Fri Aug 6 03:22:50 EST 2004
http://bugzilla.mindrot.org/show_bug.cgi?id=910
Summary: known_hosts port numbers
Product: Portable OpenSSH
Version: 3.7.1p2
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: devin.nate at bridgecomm.net
At our sites, we have many situations where we hide many SSH hosts behind a
single IP address, where a Firewall is doing NAT and port forwarding. For
example, we may have 3 hosts (each with different host keys), A, B, and C. For
example:
Host A: 1.1.1.1 port 2222
Host B: 1.1.1.1 port 22
Host C: 1.1.1.1 port 2020
Unfortunately, the known_hosts file only records the IP address of the machine,
and therefore if a person connects to host A, accepts the host key, and then
tries to connect to host B or host C they will get a message indicating that the
host key has changed. In our production environment, we force our users to use
strict host key checking, and they don't have direct access to their known_hosts
file.
This bug/feature request is for the inclusion of the port number in the
known_hosts file. I'd recommend in the known_hosts format:
ip.ip.ip.ip:port ...
... where the :port is new, and if not specified defaults to port 22.
Thanks,
Devin Nate
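
Added example, not part of the original report and not OpenSSH code: a small simulation of the lookup described above, comparing a known_hosts keyed by address only with one keyed by the proposed ip:port form (port 22 when omitted). The key strings, function names and the KnownHosts class are constructed for illustration, and the parser assumes IPv4 addresses as in the report.

```python
DEFAULT_PORT = 22

# Constructed sample: the three hosts from the report behind one NAT address.
# Key strings are placeholders, not real host keys.
SERVERS = {
    ("1.1.1.1", 2222): "ssh-rsa KEY-A",
    ("1.1.1.1", 22): "ssh-rsa KEY-B",
    ("1.1.1.1", 2020): "ssh-rsa KEY-C",
}

def parse_entry(line):
    """Parse 'ip[:port] key' (the format proposed in the report).
    IPv4 only: a bare ':' separator would be ambiguous for IPv6 addresses."""
    hostspec, key = line.split(None, 1)
    host, sep, port = hostspec.partition(":")
    return (host, int(port) if sep else DEFAULT_PORT), key.strip()

def format_entry(host, port, key, with_port):
    """Write the port only when the store is port-aware and it is not 22."""
    if with_port and port != DEFAULT_PORT:
        return f"{host}:{port} {key}"
    return f"{host} {key}"

class KnownHosts:
    def __init__(self, with_port):
        self.with_port = with_port  # False models the address-only behaviour
        self.lines = []

    def check(self, host, port, offered_key):
        """Return 'new', 'ok' or 'changed' for the key a server offers."""
        want_port = port if self.with_port else DEFAULT_PORT
        for line in self.lines:
            (h, p), key = parse_entry(line)
            if h == host and p == want_port:
                return "ok" if key == offered_key else "changed"
        return "new"

    def connect(self, host, port):
        offered = SERVERS[(host, port)]
        verdict = self.check(host, port, offered)
        if verdict == "new":  # first contact: the user accepts the key
            self.lines.append(format_entry(host, port, offered, self.with_port))
        return verdict

def simulate(with_port):
    """Connect to host A, B, C and then A again; return the verdicts."""
    kh = KnownHosts(with_port)
    return [kh.connect("1.1.1.1", p) for p in (2222, 22, 2020, 2222)]
```

With address-only entries, hosts B and C are reported as "changed" after A's key is accepted; with port-qualified entries each host gets its own record.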