Per-port hostkeys
Kevin DeGraaf
kevin at kevindegraaf.net
Thu Jun 6 03:57:27 EST 2002
My apologies if this has been covered already. My search of the archives
was unfruitful.

OpenSSH seems to be lacking a certain capability present in ssh.com's
client; namely, the ability to store remote hostkeys on a per-port basis.
I have various machines that, due to iptables port-forwarding, appear to
be running copies of (open)sshd on multiple ports. "Commercial" ssh
stores hostkeys in files named "key_<port>_host.pub"; this is useful,
because it allows for recording the keys of multiple sshd's on the same IP
address.

OpenSSH, on the other hand, doesn't appear to offer this functionality;
connecting to any sshd port on a machine will cache that hostkey, and
subsequent connections to sshd's on other ports of that machine will fail
with hostkey-checking violations.
--
Kevin DeGraaf
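
Added example, not part of the original post and not OpenSSH code: a small Python model of the host-key check described above, comparing a cache keyed by host alone with one keyed by port-qualified names in the `[host]:port` form that sshd(8) documents for known_hosts entries on non-standard ports. The address, ports, key strings and function names are constructed for illustration.

```python
# Added illustration; hosts, ports and key strings below are constructed.
def entry_name(host, port, per_port):
    """Name under which a server's key is stored and looked up."""
    if per_port and port != 22:
        return f"[{host}]:{port}"   # bracketed form for non-default ports
    return host                      # host-only naming: the port is ignored

def parse_known_hosts(text):
    """Map each listed name to a set of (keytype, key) pairs."""
    db = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue                 # skip blanks and comments
        fields = line.split()
        if len(fields) < 3:
            continue                 # malformed entry: names, type, key needed
        names, keytype, key = fields[0], fields[1], fields[2]
        for name in names.split(","):
            db.setdefault(name, set()).add((keytype, key))
    return db

def check(db, host, port, keytype, key, per_port):
    """Return 'new', 'match' or 'MISMATCH'; record keys seen for the first time."""
    name = entry_name(host, port, per_port)
    known = {k for t, k in db.get(name, set()) if t == keytype}
    if not known:
        db.setdefault(name, set()).add((keytype, key))
        return "new"
    return "match" if key in known else "MISMATCH"

# Constructed scenario: one IP address; port 22 is the gateway's own sshd,
# port 2222 is forwarded by iptables to a different machine's sshd.
SERVERS = [("192.0.2.10", 22, "ssh-rsa", "AAAAgatewayKEY"),
           ("192.0.2.10", 2222, "ssh-rsa", "AAAAinternalKEY")]

def run(per_port, known_hosts_text=""):
    """Connect to both ports in turn; return outcomes and stored names."""
    db = parse_known_hosts(known_hosts_text)
    results = [check(db, h, p, t, k, per_port) for h, p, t, k in SERVERS]
    return results, sorted(db)

if __name__ == "__main__":
    print("host-only:", run(per_port=False))
    print("per-port: ", run(per_port=True))
```

With host-only naming the second connection is reported as a key mismatch even though nothing has been tampered with; with per-port naming each sshd keeps its own entry and a real key change on either port is still detected.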