[Bug 3850] concurrent runs of ssh corrupts the known_hosts file
bugzilla-daemon at mindrot.org
Wed Jul 16 13:27:26 AEST 2025
https://bugzilla.mindrot.org/show_bug.cgi?id=3850
Damien Miller <djm at mindrot.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED
                 CC|                            |djm at mindrot.org
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
FYI this was committed after openssh-10.0, which should help your case.
It will be in openssh-10.1, due in the next few months.

commit e048230106fb3f5e7cc07abc311c6feb5f52fd05
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Wed Apr 30 05:26:15 2025 +0000

    upstream: make writing known_hosts lines more atomic, by writing
    the entire line in one operation and using unbuffered stdio.

    Usually writes to this file are serialised on the "Are you sure you
    want to continue connecting?" prompt, but if host key checking is
    disabled and connections were being made with high concurrency
    then interleaved writes might have been possible.

    feedback/ok deraadt@ millert@

    OpenBSD-Commit-ID: d11222b49dabe5cfe0937b49cb439ba3d4847b08
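
The idea in the commit message above, as an added example that is not OpenSSH's code and not part of the original mail: format the complete line in memory, then append it in one operation, and check the result under concurrent writers. It uses open(2) with O_APPEND and a single write(2) rather than the unbuffered stdio the commit mentions; the function names, the host names and the key string are constructed for the example.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>
#define KEY "AAAAC3CONSTRUCTEDKEY"   /* constructed placeholder, not a real key */

/* Format the whole line first, then append it with a single write(). */
int append_host_line(const char *path, const char *host, const char *type, const char *key)
{
    char line[8192];
    int len = snprintf(line, sizeof(line), "%s %s %s\n", host, type, key);
    if (len < 0 || (size_t)len >= sizeof(line)) return -1;  /* never write a truncated line */
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT, 0600);
    if (fd == -1) return -1;
    int rc = write(fd, line, (size_t)len) == (ssize_t)len ? 0 : -1;  /* short write = partial line */
    return close(fd) == 0 ? rc : -1;
}

/* nproc processes append nlines lines each; returns the number of lines that
 * are not byte-for-byte what some writer sent (0 expected), -1 on error. */
int concurrent_append_check(const char *path, int nproc, int nlines)
{
    char buf[8192], host[64], want[256];
    int p, i, bad = 0, total = 0, status;
    unlink(path);
    for (p = 0; p < nproc; p++) {
        pid_t pid = fork();
        if (pid == -1) return -1;
        if (pid == 0) {                  /* child: one concurrent writer */
            for (i = 0; i < nlines; i++) {
                snprintf(host, sizeof(host), "host%d-%d.example", p, i);
                if (append_host_line(path, host, "ssh-ed25519", KEY) != 0) _exit(1);
            }
            _exit(0);
        }
    }
    while (wait(&status) > 0)
        if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) bad++;
    FILE *f = fopen(path, "r");
    if (f == NULL) return -1;
    while (fgets(buf, sizeof(buf), f) != NULL) {
        total++;
        if (sscanf(buf, "host%d-%d", &p, &i) != 2) { bad++; continue; }
        snprintf(want, sizeof(want), "host%d-%d.example ssh-ed25519 %s\n", p, i, KEY);
        if (strcmp(buf, want) != 0) bad++;
    }
    fclose(f);
    return total == nproc * nlines ? bad : -1;
}
```

A non-zero return from `concurrent_append_check` means a line in the file was split or merged with another writer's output, which is the symptom the bug title describes.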