Bug 3407 - ssh-keyscan can't find hostname in 8.9 while finds in 8.8 (keygen or keyscan issue) when port is used
Status: CLOSED INVALID
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh-keygen
Version: 8.9p1
Hardware: amd64 Linux
Importance: P5 normal
Assignee: Assigned to nobody
Reported: 2022-03-17 05:13 AEDT by Arkadiusz Miśkiewicz
Modified: 2022-04-08 12:12 AEST

Attachments
ssh-keyscan -vv -p24 -H localhost (15.72 KB, text/plain)
2022-03-17 17:16 AEDT, Arkadiusz Miśkiewicz

Description Arkadiusz Miśkiewicz 2022-03-17 05:13:17 AEDT
Is ssh-keygen generating something incorrectly when a port is used?

8.8p1 behaviour, finds something when querying without a port (but not with a port):

$ ssh-keyscan -p24 -H localhost > x
# localhost:24 SSH-2.0-OpenSSH_8.8
# localhost:24 SSH-2.0-OpenSSH_8.8
# localhost:24 SSH-2.0-OpenSSH_8.8
# localhost:24 SSH-2.0-OpenSSH_8.8
# localhost:24 SSH-2.0-OpenSSH_8.8

$ ssh-keygen -F localhost -f x
# Host localhost found: line 1
|1|bgKXcPS8/7Gu205qEvRPtD0keuo=|euMjJeWHk/lrQUj6FFKWs+PMuIs= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA69uUvZ2ytAeV6j+K+XAUcg3VjHDcnCeMJhpHWfbjg19VreEhHF4Q9Mqma52rO7Ek3o2H6HtGoA9xFJkq0Qh8najATJXOgWu5j8Sce0BSHrSgBcjc9qSLFuB0scksc3GtaebNfVW2wkMN2bKIgcUYWr7PoegUb2mPCqA+/9uCNmcTkary7fzlNWGGwfkymqPgnEmQi95fYg3iGngbocmTPYAieQx95naeA2qmAflSo1CkA35uv7XYAHUGb4mM+h02rz8fTyYx6UFahDOMVdRDD5dXhwrqE8w6ZupKOzLgYNwvJsNW6c7iXcGijBSN24dn2KUGqVwHriq6oEei4Gbdpw==
# Host localhost found: line 2
|1|aSrZkQOhADoYhvmgw8uPQOSDxzk=|ddeO9drGbpfJmuiTUCWFtJT7i4w= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAbLZGODREQwfd0w8DRhWZoBYgPnPWDfs7PeLxV+2CpJNTujVAmFUFBdjlIhb7WdtHaZZBV8b0r9X0Ky3qyoYuM=
# Host localhost found: line 3
|1|bm4X5CEL/A2V5NZwjlBC1ZGHcYA=|TYNkBmtPeFC+Zc3y292nEayiGAQ= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILBcofK3yv+1Ypo1s4L2sJy9TOBietyTQGIBw+QE+I+F

$ ssh-keygen -F localhost:24 -f x
$

$ ssh -V
OpenSSH_8.8p1, OpenSSL 3.0.1 14 Dec 2021


and 8.9p1 behaviour, nothing is found in "with and without port" variants:

$ ssh-keyscan -p24 -H localhost > x
# localhost:24 SSH-2.0-OpenSSH_8.9
# localhost:24 SSH-2.0-OpenSSH_8.9
# localhost:24 SSH-2.0-OpenSSH_8.9
# localhost:24 SSH-2.0-OpenSSH_8.9
# localhost:24 SSH-2.0-OpenSSH_8.9

$ ssh-keygen -F localhost -f x
$

$ ssh-keygen -F localhost:24 -f x
$

$ ssh -V
OpenSSH_8.9p1, OpenSSL 3.0.1 14 Dec 2021


Now 8.9p1 with x file generated with ssh-keygen 8.8p1 works like this:
ssh-keygen -F localhost -f x8.9

but 8.8p1 with x file generated by ssh-keygen 8.9p1 fails to find anything.
Comment 1 Damien Miller 2022-03-17 09:58:18 AEDT
Could you run ssh-keyscan with the debugging verbosity turned up and attach the output for a failed 8.9 session? Adding -vvv to the arguments will do this
Comment 2 Arkadiusz Miśkiewicz 2022-03-17 17:16:59 AEDT
Created attachment 3584
ssh-keyscan -vv -p24 -H localhost

"ssh-keyscan -vv -p24 -H localhost" log
Comment 3 Damien Miller 2022-03-17 19:49:30 AEDT
Ah, it's probably the fix for bug #3367 https://github.com/openssh/openssh-portable/commit/e9c71498a08

Before 8.9, ssh-keyscan would not include the port in the hash as ssh does. If you use a non-default port now, then it is included in the hash just as if it was added by "ssh -p24 localhost"

[djm@neko openssh]$ ./ssh-keyscan -Hp 2222 localhost > /tmp/x
# localhost:2222 SSH-2.0-OpenSSH_8.9
[djm@neko openssh]$ ssh-keygen -f /tmp/x -F localhost
[djm@neko openssh]$ ssh-keygen -lf /tmp/x -F "[localhost]:2222"
# Host [localhost]:2222 found: line 1 
[localhost]:2222 RSA SHA256:llyZXQpeXErA3hDjef4lD5vVgsKOLEas0tKMrNSheNw
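
The lookup behaviour described in comment 3, as an added example that is not part of the original thread and is not OpenSSH's own code: a hashed known_hosts field is `|1|salt|HMAC-SHA1(salt, name)`, so only the exact string that was hashed matches a query. The function names, the fixed salt and the placeholder key blob are constructed for illustration.

```python
import base64
import hashlib
import hmac

DEFAULT_PORT = 22

def known_hosts_name(host, port=DEFAULT_PORT):
    """Host string as stored in known_hosts: bare for port 22, else [host]:port."""
    return host if port == DEFAULT_PORT else f"[{host}]:{port}"

def hash_host(name, salt):
    """Build a hashed host field: |1|b64(salt)|b64(HMAC-SHA1(key=salt, msg=name))."""
    digest = hmac.new(salt, name.encode(), hashlib.sha1).digest()
    return "|1|{}|{}".format(base64.b64encode(salt).decode(),
                             base64.b64encode(digest).decode())

def matches(hashed_field, candidate):
    """True if candidate hashes to the stored value under the stored salt."""
    parts = hashed_field.split("|")
    if len(parts) != 4 or parts[0] != "" or parts[1] != "1":
        return False  # not a hashed (|1|...) host field
    try:
        salt = base64.b64decode(parts[2], validate=True)
        stored = base64.b64decode(parts[3], validate=True)
    except ValueError:
        return False
    digest = hmac.new(salt, candidate.encode(), hashlib.sha1).digest()
    return hmac.compare_digest(digest, stored)

def find(known_hosts_text, candidate):
    """1-based line numbers whose first field matches candidate, like ssh-keygen -F."""
    hits = []
    for lineno, line in enumerate(known_hosts_text.splitlines(), 1):
        fields = line.split()
        if fields and not line.startswith("#") and matches(fields[0], candidate):
            hits.append(lineno)
    return hits

# Constructed sample: fixed 20-byte salt and placeholder key blob, not real scan output.
SALT = bytes(range(20))
# Before 8.9, ssh-keyscan hashed the bare host name even when -p was given.
PRE_89 = hash_host(known_hosts_name("localhost"), SALT) + " ssh-ed25519 AAAA_PLACEHOLDER"
# From 8.9, a non-default port is hashed as [host]:port, the same way ssh stores it.
POST_89 = hash_host(known_hosts_name("localhost", 24), SALT) + " ssh-ed25519 AAAA_PLACEHOLDER"

if __name__ == "__main__":
    for query in ("localhost", "localhost:24", "[localhost]:24"):
        print(f"{query!r:18} pre-8.9 file: {find(PRE_89, query)}  8.9 file: {find(POST_89, query)}")
```

Because the stored value is a keyed hash, there is no partial or pattern match: scripts that verify scanned keys with `ssh-keygen -F` have to build the query string in the same `[host]:port` form.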
Comment 4 Arkadiusz Miśkiewicz 2022-03-17 19:53:08 AEDT
So not a bug and 'localhost:24' is not supported ([] is mandatory).

Indeed, works with []:port.
Comment 5 Damien Miller 2022-04-08 12:12:54 AEST
closing bug resolved during openssh-9.0 release cycle