HostKey check for remote hosts via local ports

Darren Tucker dtucker at zip.com.au
Sat Jun 28 06:16:43 EST 2008


On Fri, Jun 27, 2008 at 11:28:12AM -0700, Tobias Karlsson wrote:
> Another issue for which there might be some tricks that I don't know of:

> I have a set of ports on my local machine forwarded (via ssh
> LocalForward) to machines that I can't directly reach on the
> localhost. However, as I connect to those machines I get HostKey
> warnings since it looks for the HostKey of the 'localhost' and
> depending on the port, it is of course different.

> Is there a way around this? Could the host key be associated to
> another name like:

$ man sshd_config
[...]
HostKeyAlias
     Specifies an alias that should be used instead of the real host
     name when looking up or saving the host key in the host key
     database files.  This option is useful for tunneling SSH connec-
     tions or for multiple servers running on a single host.

Recent (from memory >= 4.7) versions of OpenSSH will automatically append
the port number when connecting to non-default ports (unless the host key
matches an existing entry without a port number).

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
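
An added example, not part of the original message: a client-side ~/.ssh/config that gives each forwarded local port its own host key identity through HostKeyAlias. The host names, aliases and port numbers are constructed for illustration.

```sshconfig
# Tunnel session: forwards two local ports to machines that are only
# reachable from the gateway (all names below are constructed).
Host gateway
    HostName gateway.example.org
    LocalForward 2201 db1.internal:22
    LocalForward 2202 web1.internal:22

# One Host block per forwarded port. The connection still goes to
# localhost, but the host key is saved and looked up under the alias,
# so each remote machine keeps a separate known_hosts entry.
Host db1
    HostName localhost
    Port 2201
    HostKeyAlias db1.internal

Host web1
    HostName localhost
    Port 2202
    HostKeyAlias web1.internal
```

With the gateway session open, "ssh db1" checks the key received on port 2201 against the known_hosts entry for db1.internal, so a changed key on that one machine still produces a warning without colliding with the entry for web1.internal.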

