using full ip/tcp address in known_hosts

eperez at it.uc3m.es eperez at it.uc3m.es
Mon May 20 01:26:40 EST 2002


Hello,

What about using the full ip/tcp address in known_hosts?

I have two hosts at (sample addresses):
192.168.0.1:22
192.168.0.1:2222

When I connect to the first one everything is OK,
but if I connect to the second one I get:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!

When everything is OK. ssh thinks that they are the same sshd.

Another solution would be not checking any ip address in known_hosts
and just checking that the fingerprint is trusted (it's in known_hosts).

Anyone has a fix?

I'm using OpenSSH_3.0.2p1 from debian/sid.

                Eduardo



More information about the openssh-unix-dev mailing list