Host verification problem
Darren Tucker
dtucker at zip.com.au
Sun May 15 22:30:27 EST 2005
Hadmut Danisch wrote:
[...]
> Since SSH uses the IP address but not the port to verify the peer
> host, ssh always blocks/warns when connecting to a different port
> since it detects a changed host key. This means to edit the host key
> file every time or to ommit host key validation.
Or use a HostKeyAlias in your ssh_config, eg, for hosts "server1" and
"server2" behind ports 2222 and 2223 of "gateway":
Host server1
Hostname gateway
Port 2222
HostKeyAlias server1
Host server2
Hostname gateway
Port 2223
HostKeyAlias server2
> Please store the host keys based on hostname/IP and port number.
See: http://bugzilla.mindrot.org/show_bug.cgi?id=910
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list