Bug 2738

Summary: UpdateHostKeys does not check keys in secondary known_hosts files
Product: Portable OpenSSH
Reporter: Jaap Eldering <jaap>
Component: ssh
Assignee: Damien Miller <djm>
Status: CLOSED FIXED
Severity: minor
CC: djm, dtucker
Priority: P5
Version: 7.4p1
Hardware: amd64
OS: Linux
Bug Depends on:
Bug Blocks: 2894, 3079
Attachments:
Description                            Flags
patch                                  none
Update additional UserKnownHostsFiles  none

Description Jaap Eldering 2017-07-06 06:34:06 AEST
I have the following settings (among others) in my ~/.ssh/config:

HashKnownHosts no
UserKnownHostsFile ~/.ssh/known_hosts ~/.ssh/known_hosts_common
UpdateHostKeys ask

When I connect to a known host, ssh nicely asks me to store new host keys it learned about, and stores them in ~/.ssh/known_hosts. All fine so far. 

Now I move these entries to ~/.ssh/known_hosts_common, and next time I connect to that host, ssh asks me again about the same host keys. Thus, it seems it doesn't check the secondary file given to UserKnownHostsFile for presence of host keys.

Background information: I'm synchronizing the second file ~/.ssh/known_hosts_common between multiple machines/accounts, and prefer to store some common hosts there, and not clutter my primary file ~/.ssh/known_hosts with duplicate host keys.

Conclusion: it would be nice if ssh would check all known_hosts files for presence of new host keys before asking to add them.
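The check the report asks for, written out as an added example (not code from OpenSSH or from the reporter's patch): walk every configured UserKnownHostsFile, not just the first, and report which file already holds a key of the learned type for the host, so a prompt is only warranted when none does. File paths, hostnames and key blobs below are constructed placeholders; the hashed entry shows the `|1|salt|hmac` form written by `HashKnownHosts yes`.

```python
from __future__ import annotations
import base64
import fnmatch
import hashlib
import hmac


def hash_host(host: str, salt: bytes) -> str:
    """Return the |1|salt|hmac form that HashKnownHosts yes writes (HMAC-SHA1 over the hostname)."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())


def host_matches(pattern_field: str, host: str) -> bool:
    """Match a known_hosts hostname field: hashed, or comma-separated patterns with * and ?."""
    if pattern_field.startswith("|1|"):
        _, _, salt_b64, digest_b64 = pattern_field.split("|")
        mac = hmac.new(base64.b64decode(salt_b64), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(digest_b64))
    # Negated (!pattern) entries and bracketed [host]:port forms are not handled here.
    return any(fnmatch.fnmatchcase(host, p) for p in pattern_field.split(","))


def files_holding_key(files: dict[str, str], host: str, key_type: str) -> list[tuple[str, int]]:
    """List (path, line) of every entry in *any* configured file holding a key_type key for host."""
    hits = []
    for path, text in files.items():
        for lineno, line in enumerate(text.splitlines(), 1):
            fields = line.split()
            # Skip blanks, comments and @cert-authority / @revoked markers: none is a plain host key.
            if len(fields) < 3 or fields[0].startswith(("#", "@")):
                continue
            if fields[1] == key_type and host_matches(fields[0], host):
                hits.append((path, lineno))
    return hits


def should_prompt(files: dict[str, str], host: str, key_type: str) -> bool:
    """UpdateHostKeys should only offer to add a learned key when no configured file has one."""
    return not files_holding_key(files, host, key_type)


# Constructed contents standing in for the two files from the report (key blobs are placeholders).
KNOWN_HOSTS_FILES = {
    "~/.ssh/known_hosts": "bastion.example,192.0.2.10 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDER\n",
    "~/.ssh/known_hosts_common":
        "# shared between machines\n"
        "bastion.example ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQPLACEHOLDER\n"
        + hash_host("gw.example", b"\x01" * 20) + " ecdsa-sha2-nistp256 AAAAE2VjZHNhPLACEHOLDER\n",
}

if __name__ == "__main__":
    for host, kt in [("bastion.example", "ssh-rsa"), ("gw.example", "ecdsa-sha2-nistp256")]:
        print(host, kt, "prompt" if should_prompt(KNOWN_HOSTS_FILES, host, kt) else files_holding_key(KNOWN_HOSTS_FILES, host, kt))
```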
Comment 1 Jaap Eldering 2017-07-06 15:56:20 AEST
Created attachment 3008 [details]
patch

I think the attached patch should fix the problem.

I tested it on Debian Stretch against version 7.4p1-10 (with Debian patchlevel) and it worked as expected.
Comment 2 Damien Miller 2017-08-11 15:08:00 AEST
Unfortunately that patch is not sufficient: update_known_hosts() still won't ever update keys in subsequent user_hostfiles

I think update_known_hosts() will need to consider all hostfiles, but that will take a refactor of hostfile.c:hostfile_replace_entries() too.
Comment 3 Jaap Eldering 2017-08-17 03:48:44 AEST
I forgot about that use case. If it would be considered for inclusion, I'd be happy to try and write a patch that covers that case too.

For my understanding: any occurrence of the given host,key-type pair in any of the known_hosts files would have to be replaced by the newly learned key, right?
Comment 4 Damien Miller 2020-01-24 12:19:51 AEDT
Created attachment 3349 [details]
Update additional UserKnownHostsFiles
Comment 5 Damien Miller 2020-01-25 11:22:10 AEDT
Fix committed, will be in openssh-8.2
Comment 6 Jaap Eldering 2020-02-06 09:25:12 AEDT
Thanks a lot!
Comment 7 Damien Miller 2021-03-04 09:51:39 AEDT
close bugs that were resolved in OpenSSH 8.5 release cycle