Can we have better ssh fingerprint collision messages?
Tomas Mraz
tmraz at redhat.com
Tue Nov 12 12:26:46 UTC 2013
On Út, 2013-11-12 at 07:21 -0500, Matthew Miller wrote:
> On Tue, Nov 12, 2013 at 12:31:04PM +0100, Reindl Harald wrote:
> > > It can't... but you have to be sure you have edited any entries that may apply and that it is absolutely correct on
> > > the change ... frankly it's quicker and simpler to test via changing the target host's key rather than your
> > > known_hosts
> > and that this is needed shows IMHO a bug because it should
> > in all cases give out the same warning message
>
> Harald, I'm not seeing the behavior you see either -- if I replace a host
> key with another one in known_hosts, I get the correct man-in-the-middle
> message.
Exactly, I verified that too. But I actually first made a mistake by
deleting the 'ssh-rsa' and not copying it from the other host entry
which made the line invalid and the message was the same as for first
contact with the server. So I wonder if Harald did the same mistake.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
(You'll never know whether the road is wrong though.)
More information about the devel
mailing list