Bug 3500 - IPv6 address with embedded IPv4 dot-decimal not honoured
Summary: IPv6 address with embedded IPv4 dot-decimal not honoured
Status: NEW
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh
Version: 9.1p1
Hardware: Other Linux
Importance: P5 enhancement
Assignee: Assigned to nobody
Reported: 2022-11-11 19:29 AEDT by martin
Modified: 2022-11-11 19:29 AEDT
Description martin 2022-11-11 19:29:41 AEDT
A valid IPv6 address can end with an IPv4 dot-decimal, such as:

2001:db8:4321::192.0.2.123

which effectively translates to

2001:db8:4321::c000:027b

i.e. the 32 bits of the IPv4 address are simply mapped to the last two fields of the IPv6 address.

When an SSH known_hosts file contains a line like:

example.org,192.0.2.123,2001:db8:4321::192.0.2.123 ssh-ed25519 …

then on a v6 connection, a new line is added to the known_hosts file, which is just the translated IPv6 address, e.g.

2001:db8:4321::c000:027b ssh-ed25519 …

This creates redundant information, and it would be better if SSH recognised that the IPv6 address is already used and mapped to a host fingerprint.
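
The matching the report asks for amounts to comparing address literals by their 128-bit value instead of by their text. The following is an added example, not part of the bug report and not OpenSSH's code: `same_host` and `hostlist_contains` are hypothetical helpers, and only plain, unhashed, comma-separated names (no wildcards, no `[host]:port` forms) are handled.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: 1 if a and b are the same string, or both parse as
 * IPv6 literals (inet_pton accepts a trailing dotted quad) with equal value. */
static int same_host(const char *a, const char *b)
{
    struct in6_addr x, y;

    if (strcmp(a, b) == 0)
        return 1;
    if (inet_pton(AF_INET6, a, &x) != 1 || inet_pton(AF_INET6, b, &y) != 1)
        return 0;
    return memcmp(&x, &y, sizeof(x)) == 0;
}

/* Hypothetical helper: 1 if addr matches any name in the comma-separated
 * host field of a known_hosts line. */
int hostlist_contains(const char *hostlist, const char *addr)
{
    char name[256];

    while (*hostlist != '\0') {
        size_t n = strcspn(hostlist, ",");

        if (n > 0 && n < sizeof(name)) {
            memcpy(name, hostlist, n);
            name[n] = '\0';
            if (same_host(name, addr))
                return 1;
        }
        hostlist += n;
        if (*hostlist == ',')
            hostlist++;
    }
    return 0;
}

int main(void)
{
    /* Host field taken from the known_hosts line in the report. */
    const char *hosts = "example.org,192.0.2.123,2001:db8:4321::192.0.2.123";

    printf("%d\n", hostlist_contains(hosts, "2001:db8:4321::c000:027b"));
    printf("%d\n", hostlist_contains(hosts, "2001:db8:4321::c000:27c"));
    return 0;
}
```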