[SOLVED] Is this a SSH bug?

JeremyBoden · 09-26-2017, 04:20 PM

I have only just re-installed openssh & client, rebooted the PC.
I have given it no keys - although there may be some old public keys present.
Just to see what would happen, expecting it to fail

Code:

jeremy@hector ~ $ ssh hector

. But it opened a session on my PC like normal

Code:

host ECDSA key for IP address '192.168.1.7' not in list of known hosts.
Linux hector 3.16.0-4-amd64 #1 SMP Debian 3.16.43-2+deb8u5 (2017-09-19) x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Tue Sep 26 21:43:04 2017
jeremy@hector ~ $ logout
Connection to hector closed.

Have Debian removed host ECDSA key from their list of identifiers?

michaelk · 09-26-2017, 06:43 PM

Not a bug.

When you reinstalled ssh it created a new host key i.e. /etc/ssh/ssh_host_ecdsa_key... The host key prevents man in the middle attacks and is stored in your ~/.ssh/known_hosts file. This is the reason for the "host ECDSA key for IP address '192.168.1.7' not in list of known hosts." warning message.

I would of expected an error since the key changed but had the same IP address.

Reinstalling the client does not delete the .ssh directory and since your public/private key file are stored in your users ~/.ssh directories on server/client they should still be valid and as posted you were logged in.