Bug 1662 - Avoidable man-in-the-middle attack warnings
Summary: Avoidable man-in-the-middle attack warnings
Status: CLOSED DUPLICATE of bug 910
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh (show other bugs)
Version: 4.3p2
Hardware: All All
: P2 normal
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-10-21 18:10 AEDT by Tom Söderlund
Modified: 2010-04-16 15:50 AEST (History)
1 user (show)

See Also:

Attachments
Sample session capture (names changed) (1006 bytes, text/plain)
2009-10-21 18:10 AEDT, Tom Söderlund 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Tom Söderlund 2009-10-21 18:10:54 AEDT 
Created attachment 1702 [details]
Sample session capture (names changed)

When running one or more virtual machines within one host machine, each
virtual machine listening for ssh connections in different tcp ports of
the host machine, and one tries to connect with ssh to these virtual
machines or the host running them (other target than whose
identification information was previously saved to known_hosts in
source), ssh complains about possible man-in-the-middle attack
(WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!).

This could possibly be avoided if the port number was included in the
identification information of a host in known_hosts.
Comment 1 Darren Tucker 2009-10-21 21:24:29 AEDT 
This was added in version 4.4 which was released ~3 years ago.

*** This bug has been marked as a duplicate of bug 910 ***
Comment 2 Damien Miller 2010-04-16 15:50:07 AEST 
Mass move of bugs RESOLVED->CLOSED following the release of openssh-5.5p1