[Bug 3615] Host Based Authentication is failing

bugzilla-daemon at mindrot.org
Fri Sep 22 19:05:48 AEST 2023


https://bugzilla.mindrot.org/show_bug.cgi?id=3615

--- Comment #25 from Richard Kreutzer <tunerooster at gmail.com> ---
So you are saying the fqdn should be in the ssh_known_hosts file on the
server, but *not* in the /etc/ssh/ssh_host_ed25519_key.pub file on the
client.

OMG, it worked!  It also works with just "ssh gemini", i.e., "ssh
gemini.krautclan.com" is not required.

I always just copied the contents of the .pub file on each machine to
each server unchanged.  And this works, of course, for the
authorized_keys file for each user.

I will now have to add the fqdn to the beginning of each key in the
.pub files after pasting them into the ssh_known_hosts file for
each server.  And since all the machines are both clients and servers,
that means every machine, which I certainly can do.

But it surprises me that there is not a built-in way to do this, or is
there?  Something like "ssh-copy-id".

Thank you so much!  I would never have found this requirement, as it
does not seem to be mentioned in any of the HBA guides I found.

Please confirm that my above strategy is correct, and that there is no
better way to do this, before I start writing a script to automate it.

Best regards!!!
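
An added example, not part of the original comment or of OpenSSH: a POSIX shell helper for the step discussed above, turning an unmodified client host .pub file into an ssh_known_hosts line with the client's FQDN in front. The function names, client1.example.com and the key blob are constructed for illustration.

```shell
#!/bin/sh
# Added example: build ssh_known_hosts lines from unmodified host .pub files.

# known_hosts_line NAMES PUBFILE
#   NAMES    client name(s) as the server resolves them, comma-separated
#   PUBFILE  copy of the client's /etc/ssh/ssh_host_*_key.pub, unchanged
known_hosts_line() {
    names=$1 pubfile=$2 ktype= blob=
    case $names in
        ''|*[!A-Za-z0-9.,_-]*) echo "bad host name list: $names" >&2; return 1 ;;
    esac
    # A .pub file holds "keytype base64 [comment]"; the comment is dropped.
    read -r ktype blob _comment < "$pubfile" || [ -n "$blob" ] || return 1
    case $ktype in
        ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521) ;;
        # A host name already pasted in front of the key lands here.
        *) echo "$pubfile: first field is not a key type: $ktype" >&2; return 1 ;;
    esac
    case $blob in
        ''|*[!A-Za-z0-9+/=]*) echo "$pubfile: bad key blob" >&2; return 1 ;;
    esac
    printf '%s %s %s\n' "$names" "$ktype" "$blob"
}

# add_known_host KNOWN_HOSTS_FILE NAMES PUBFILE
# Appends the entry unless the identical line is already there.
add_known_host() {
    khfile=$1
    line=$(known_hosts_line "$2" "$3") || return 1
    # -x whole line, -F literal string: a second run must not duplicate it.
    if [ -f "$khfile" ] && grep -qxF -- "$line" "$khfile"; then
        return 0
    fi
    printf '%s\n' "$line" >> "$khfile"
}

# Demo on constructed data: the name and the key blob are not real.
demo=$(mktemp -d)
printf '%s\n' 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleOnlyNotARealHostKeyExampleOnlyPad000 root@client1' \
    > "$demo/ssh_host_ed25519_key.pub"
add_known_host "$demo/ssh_known_hosts" client1.example.com \
    "$demo/ssh_host_ed25519_key.pub"
cat "$demo/ssh_known_hosts"
rm -rf "$demo"
```

OpenSSH's ssh-keyscan prints host keys in this same "name keytype key" layout, but it fetches them over the network, so its output should be compared with the key taken from the client's own .pub file before it is trusted.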
