Opened on Nov 20, 2020 at 10:50:07 AM
Closed on Nov 27, 2020 at 10:09:55 AM
Last modified on Nov 30, 2020 at 2:25:31 PM
#11255 closed enhancement (fixed)
Include port number when saving host key fingerprint
Reported by: | dkocher | Owned by: | |
---|---|---|---|
Priority: | normal | Milestone: | 7.7.2 |
Component: | sftp | Version: | 7.7.1 |
Severity: | normal | Keywords: | |
Cc: | Architecture: | ||
Platform: | Windows 10 |
Description
But because you do not store the port number it will cause issues. Perhaps I did not explain this properly. For example, if you setup SSH port forwarding tunnels: 127.0.0.1:5000 > 10.0.1.50:22 127.0.0.1:5001 > 10.0.1.51:22 127.0.0.1:5028 > 10.0.7.32:22 127.0.0.1:5176 > 80.xxx.xxx.xxx:22 These are port forwarding to unique servers with unique fingerprints. In mountain duck if I connect to server1 and save the fingerprint, then connect to server2, it will say the fingerprint has changed. If I save server2 fingerprint and then connect to server1, it will say the key has changed because it only stores the fingerprint for the IP, not IP:PORT. OpenSSH has supported this for over 10 years.
This does not affect macOS.
Change History (2)
comment:1 Changed on Nov 27, 2020 at 10:09:55 AM by yla
- Milestone set to 7.8.0
- Resolution set to fixed
- Status changed from new to closed
comment:2 Changed on Nov 30, 2020 at 2:25:31 PM by dkocher
- Milestone changed from 7.8.0 to 7.7.2
Milestone renamed
Note: See
TracTickets for help on using
tickets.
In r50197.