[Bug 523] ssh saves only host/ip information in known_hosts while port information is missing
bugzilla-daemon at mindrot.org
Thu Mar 27 20:34:04 EST 2003
http://bugzilla.mindrot.org/show_bug.cgi?id=523
Summary: ssh saves only host/ip information in known_hosts while port information is missing
Product: Portable OpenSSH
Version: 3.5p1
Platform: Other
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: ssh
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: misiek at pld.org.pl
ssh saves only host/IP information in known_hosts while port information is missing.
When using masquerading I often use destination NAT (DNAT) under Linux to allow
connections from the Internet to hosts behind the masquerade, like this:
iptables -A PREROUTING -t nat -p tcp -d 12.12.12.12 --dport 11022 -j DNAT --to 172.16.100.4:22
That works very well, but ssh doesn't save information about the port, and then
when connecting to 12.12.12.12 port 22 or port 11022 (different sshds):
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The RSA host key for some.host.pl has changed,
and the key for the according IP address 12.12.12.12
has a different value. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
Offending key for IP in /home/users/misiek/.ssh/known_hosts:79
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
a6:64:aa:6c:da:af:b5:be:99:d3:fc:21:0b:84:47:7a.
Please contact your system administrator.
Add correct host key in /home/users/misiek/.ssh/known_hosts to get rid of this message.
That message is of course not correct, since there are two different sshds (on different
machines) using the same IP.
I think the solution would be to add port number information to known_hosts when it's
different from the default one (22). That may not break compatibility with other ssh
software and will avoid problems like mine. Is that proposal OK with you? (Then
I'll think about preparing a patch :)
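An added example, written for this page and not taken from the bug report or from OpenSSH, showing why the warning above fires and what the proposed fix changes. It models known_hosts lookup two ways: the port-unaware scheme the report describes (bare host for every port) and the `[host]:port` form that later OpenSSH releases adopted for ports other than 22. It also matches `|1|salt|hash` hashed entries (HMAC-SHA1 over the lookup name), so the port-qualified name is what gets hashed. The two host keys, the `lookup_name`/`check_host_key`/`add_entry` helper names and the `demo` scenario are constructed for illustration, not real keys or OpenSSH code.

```python
import base64
import hashlib
import hmac
import os

# Constructed placeholder host keys for the two sshds reachable through
# 12.12.12.12 in the report (not real keys).
KEY_A = "AAAAB3NzaC1yc2EAAAADAQAB-placeholder-sshd-A"
KEY_B = "AAAAB3NzaC1yc2EAAAADAQAB-placeholder-sshd-B"


def lookup_name(host, port, port_aware=True):
    """Name searched for in known_hosts.

    port_aware=False reproduces the behaviour described in the report: the bare
    host, whatever the port. port_aware=True is the '[host]:port' convention
    later OpenSSH releases use for ports other than 22.
    """
    if not port_aware or port == 22:
        return host
    return f"[{host}]:{port}"


def hash_hostname(name, salt):
    """HashKnownHosts form of a name: |1|base64(salt)|base64(HMAC-SHA1(salt, name))."""
    mac = hmac.new(salt, name.encode(), hashlib.sha1).digest()
    return "|1|{}|{}".format(base64.b64encode(salt).decode(),
                            base64.b64encode(mac).decode())


def pattern_matches(pattern, name):
    """Match one host pattern from an entry's comma-separated host list."""
    if pattern.startswith("|1|"):
        _, _, salt_b64, _ = pattern.split("|", 3)
        salt = base64.b64decode(salt_b64)
        return hmac.compare_digest(hash_hostname(name, salt), pattern)
    return pattern == name


def find_key(known_hosts, host, port, port_aware=True):
    """(keytype, key) of the first entry whose host list matches, else None."""
    name = lookup_name(host, port, port_aware)
    for line in known_hosts.splitlines():
        parts = line.split()
        # Skip blanks, comments and @marker lines (@cert-authority, @revoked).
        if len(parts) < 3 or parts[0].startswith(("#", "@")):
            continue
        hosts, keytype, key = parts[:3]
        if any(pattern_matches(p, name) for p in hosts.split(",")):
            return keytype, key
    return None


def check_host_key(known_hosts, host, port, keytype, key, port_aware=True):
    """ssh's verdict on a presented key: 'new' (nothing on file), 'ok' (matches
    the entry) or 'CHANGED' (a different key is on file, which is what triggers
    the REMOTE HOST IDENTIFICATION HAS CHANGED warning)."""
    entry = find_key(known_hosts, host, port, port_aware)
    if entry is None:
        return "new"
    return "ok" if entry == (keytype, key) else "CHANGED"


def add_entry(known_hosts, host, port, keytype, key, port_aware=True, hashed=False):
    """Append an entry the way ssh does once the user accepts a new key."""
    name = lookup_name(host, port, port_aware)
    if hashed:
        name = hash_hostname(name, os.urandom(20))
    return known_hosts + f"{name} {keytype} {key}\n"


def demo():
    """Connect first to port 22 (sshd A), then to port 11022 (sshd B)."""
    # Port-unaware scheme: sshd B looks like a changed key for sshd A.
    kh = add_entry("", "12.12.12.12", 22, "ssh-rsa", KEY_A, port_aware=False)
    collided = check_host_key(kh, "12.12.12.12", 11022, "ssh-rsa", KEY_B,
                              port_aware=False)
    # Port-aware scheme: port 11022 gets its own entry (stored hashed here to
    # show hashed entries are matched the same way), and both keys coexist.
    kh = add_entry("", "12.12.12.12", 22, "ssh-rsa", KEY_A)
    first_seen = check_host_key(kh, "12.12.12.12", 11022, "ssh-rsa", KEY_B)
    kh = add_entry(kh, "12.12.12.12", 11022, "ssh-rsa", KEY_B, hashed=True)
    both_ok = (check_host_key(kh, "12.12.12.12", 22, "ssh-rsa", KEY_A),
               check_host_key(kh, "12.12.12.12", 11022, "ssh-rsa", KEY_B))
    return collided, first_seen, both_ok


if __name__ == "__main__":
    print(demo())
```

The port-unaware run returns CHANGED for sshd B even though nothing is wrong, which is exactly the false alarm in the report; the port-aware run records the two sshds separately. On a client that only stores the bare host, the documented way to keep such entries apart is a per-host `HostKeyAlias` in ssh_config, which substitutes an alias for the real host name when looking up and saving host keys.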