Semantics of known_hosts file

Lars Noschinski lars at public.noschinski.de
Wed Nov 7 03:04:36 EST 2012


Hi everyone,

I am trying to get Debian bug #668239 [1] resolved, which is concerned
with the way paramiko (an SSH implementation in Python) deals with
OpenSSH's known_hosts file when non-standard ports are used. Hence, I
want to make sure that I correctly understand OpenSSH's behaviour. If
this is not a topic for this list, please point me to a more appropriate
list.

As far as I can gather from reading sshd(8) and the source code
(get_hostfile_hostname_ipaddr), at most two key lookups are performed:

  (a) [Only for protocol version 1] One for the IP address of the remote
      host, with put_host_port(ntop, port)

  (b) One for the hostname.
    (1) If it is a HostKeyAlias, just look for the hostname,
    (2) else for put_host_port(hostname, port).

Is this an accurate description? In the bugzilla entry #910 [2], I found
that a fallback option (look for hostname only, if (b.2) fails) was
discussed, but if I understand it correctly, this never was included.

Best regards,
  Lars Noschinski


[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668239
[2] https://bugzilla.mindrot.org/show_bug.cgi?id=910
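
The hostname lookup in (b), as an added example that is not part of the original post and is neither OpenSSH nor paramiko code: it builds the lookup name the way the post describes and matches it against plain and hashed (`|1|salt|hash`, HMAC-SHA1) known_hosts host fields. The names `lookup_name`, `entry_matches`, `find_keys` and the sample file are assumptions made for illustration; any further lookups OpenSSH may perform are the question the post asks and are not modelled.

```python
import base64
import hashlib
import hmac

SSH_DEFAULT_PORT = 22

# Constructed sample file; the key blobs are placeholders, not real keys.
SAMPLE = """\
example.org ssh-rsa AAAAKEY22
[example.org]:2222 ssh-rsa AAAAKEY2222
"""


def put_host_port(host, port):
    """known_hosts name: bare host on the default port, else [host]:port."""
    if port in (0, SSH_DEFAULT_PORT):
        return host
    return "[%s]:%d" % (host, port)


def lookup_name(hostname, port, host_key_alias=None):
    """Case (b) of the post: the alias alone (b.1), else host plus port (b.2)."""
    if host_key_alias is not None:
        return host_key_alias
    return put_host_port(hostname, port)


def entry_matches(hosts_field, name):
    """Match one known_hosts host field, plain or hashed, against name."""
    if hosts_field.startswith("|1|"):
        _, _, salt_b64, digest_b64 = hosts_field.split("|")
        salt = base64.b64decode(salt_b64)
        mac = hmac.new(salt, name.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(digest_b64))
    # Plain field: comma-separated names (wildcards and negation not handled).
    return name in hosts_field.split(",")


def find_keys(known_hosts_text, name):
    """Return (keytype, key) for every line whose host field matches name."""
    found = []
    for line in known_hosts_text.splitlines():
        fields = line.split()
        # Skip blanks, comments and @marker lines (@cert-authority, @revoked).
        if len(fields) < 3 or fields[0][0] in "#@":
            continue
        if entry_matches(fields[0], name):
            found.append((fields[1], fields[2]))
    return found
```

With the sample file, `find_keys(SAMPLE, lookup_name("example.org", 2222))` returns only the `[example.org]:2222` entry, while passing `host_key_alias="example.org"` selects the bare entry regardless of the port.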


More information about the openssh-unix-dev mailing list