known_hosts not read properly #3013
Comments
This is continuing to occur, even in the development build 4577. Appears may be related to issue #2998. Each time a site is accessed, a new line is being added to known_hosts, with an apparently bogus host name, like: |1|uthAJVm7Mgh8MxSl3XR721aQa9U=|MdOZ6QfGMzX4XsiUeQHBAhmL9rI= ssh-rsa ... (key deleted) So I suppose it makes sense that this bogus host does not show up when there is a re-check. |
A WORKAROUND: move the known_hosts file aside and start CyberDuck. Then copy contents of old back into new known_hosts. More investigation. The funny entries for hostname are hashed hostnames (per the source code) and seem to work ok (not sure why needed, and is certainly not then legible to people trying to modify their known_hosts). |
Whenever I start Cyberduck, and have an SFTP connection as the one to open by default, Cyberduck prompts about allowing the host key. This despite the fact that the host key is in the known_hosts file.
The console log contains a complaint:
This is despite the fact that .ssh is world readable and executable and the known_hosts file is world readable.
Additionally, Cyberduck then adds an entry to known_hosts starting with |1| and keeps adding this every time 'always allow' is chosen at the prompt.
The text was updated successfully, but these errors were encountered: