Bug 2131

Summary:

ssh: list known names (if any) for new hostkeys

Product:

Portable OpenSSH

Reporter:

Oskari Saarenmaa <os>

Component:

ssh

Assignee:

Assigned to nobody <unassigned-bugs>

Status:

CLOSED FIXED

Severity:

enhancement

CC:

djm

Priority:

Version:

6.2p1

Hardware:

All

OS:

All

Bug Depends on:

Bug Blocks:

3217

Attachments:

Description	Flags
list known names (if any) for new hostkeys	none

Description Oskari Saarenmaa 2013-07-25 20:51:35 AEST

Created attachment 2320 [details]
list known names (if any) for new hostkeys

When connecting to a host for which there's no known hostkey, check if the new key has been accepted for other hostnames.  This is useful when connecting to a host with a dynamic IP address or multiple names.

Patch also sent to openssh-unix-dev in December 2012: http://lists.mindrot.org/pipermail/openssh-unix-dev/2012-December/030905.html

Comment 1 Damien Miller 2020-11-13 10:18:07 AEDT

Support for this was added in d5d05cdb3d4 and will be in OpenSSH 8.5:

    > The authenticity of host 'test (10.0.0.1)' can't be established.
    > ECDSA key fingerprint is SHA256:milU4MODXm8iJQI18wlsbPG7Yup+34fuNNmV08qDnax.
    > This host key is known by the following other names/addresses:
    >     ~/.ssh/known_hosts:1: host.example.org,10.0.0.1
    >     ~/.ssh/known_hosts:2: [hashed name]
    >     ~/.ssh/known_hosts:3: [hashed name]
    >     ~/.ssh/known_hosts:4: host
    >     ~/.ssh/known_hosts:5: [host]:2222
    > Are you sure you want to continue connecting (yes/no/[fingerprint])?

Comment 2 Damien Miller 2021-04-23 15:10:02 AEST

closing resolved bugs as of 8.6p1 release