Host verification problem

Darren Tucker dtucker at
Sun May 15 22:30:27 EST 2005

Hadmut Danisch wrote:
> Since SSH uses the IP address but not the port to verify the peer
> host, ssh always blocks/warns when connecting to a different port
> since it detects a changed host key. This means to edit the host key
> file every time or to ommit host key validation.

Or use a HostKeyAlias in your ssh_config, eg, for hosts "server1" and 
"server2" behind ports 2222 and 2223 of "gateway":

Host server1
	Hostname gateway
	Port 2222
	HostKeyAlias server1
Host server2
	Hostname gateway
	Port 2223
	HostKeyAlias server2

> Please store the host keys based on hostname/IP and port number. 


Darren Tucker (dtucker at
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
     Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

More information about the openssh-unix-dev mailing list