Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: arthur (arthurumfaan.demon.co.uk)
Date: Thu Sep 06 2001 - 10:38:15 CDT
You could try another approach:
I found that I have managed to get two entries for my machine at work in my
local file by manually doing:
ssh <IP address> and then by accident
On Thursday 06 September 2001 08:04, Reckhard, Tobias wrote:
> Hi Yuri
> [Machine has two A records]
> > So now the problem arises: I normally only use the easy-to-remember
> > hostname: it's the one I named the machine with (not even telling it
> > about the other one) and this is therefore also the one that ssh-keygen
> > uses when generating the keys. Unfortunately ssh, scp and sftp resolve
> > the IP-address to the other hostname, and fail to recognize the relevant
> > key in $HOME/.ssh/authorized_keys2 (regardless of which "direction" I
> > go). I assume there is an easy way to solve this, but I haven't found
> > it. Can someone help me out?
> Hmm.. I fail to see where the hostname matters in the authorized_keys
> files, except for the 'from="pattern-list"' parameter, which you don't seem
> to mean.
> The hostname does matter when the server's public key is checked against
> the known_hosts files, so I assume that is where your problem actually
> lies. And concerning that, the sshd man page section titled
> "SSH_KNOWN_HOSTS FILE FORMAT" says:
> Each line in these files contains the following fields: hostnames,
> exponent, modulus, comment. The fields are separated by spaces.
> Hostnames is a comma-separated list of patterns ('*' and '?' act as
> cards); each pattern in turn is matched against the canonical host
> name (when authenticating a client) or against the user-supplied name (when
> authenticating a server). A pattern may also be preceded by `!' to indi-
> cate negation: if the host name matches a negated pattern, it is not
> cepted (by that line) even if it matched another pattern on the line.
> Therefore, all you need to do is add the complicated name to the
> appropriate entry in the known hosts files. I.e. modify an entry of the
> hostname 1024 35 1768399887...
> hostname,complicated_hostname 1024 35 1768399887...
> Does that help you in any way?
-- To unsubscribe, e-mail: suse-security-unsubscribesuse.com For additional commands, e-mail: suse-security-helpsuse.com