[Bug 3500] New: IPv6 address with embedded IP4v dot-decimal not honoured

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Nov 11 19:29:41 AEDT 2022


https://bugzilla.mindrot.org/show_bug.cgi?id=3500

            Bug ID: 3500
           Summary: IPv6 address with embedded IP4v dot-decimal not
                    honoured
           Product: Portable OpenSSH
           Version: 9.1p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: bugzilla.mindrot.org at pobox.madduck.net

A valid IPv6 address can end with a IPv4 dot-decimal, such as:

2001:db8:4321::192.0.2.123

which effectively translates to

2001:db8:4321::c000:027b

i.e. the 32 bits of the IPv4 address are simply mapped to the last two
fields of the IPv6 address.

When an SSH known_hosts file contains a line like:

example.org,192.0.2.123,2001:db8:4321::192.0.2.123 ssh-ed25519 …

then on a v6 connection, a new line is added to the known_hosts file,
which is just the translated IPv6 address, e.g.

2001:db8:4321::c000:027b ssh-ed25519 …

This creates redundant information, and it would be better if SSH
recognised that the IPv6 address is already used and mapped to a host
fingerprint.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list