IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This commit fixes problem when host key is already added in SSH
`known_hosts` file but SSH fails to validate this host key.
NOTE:
This problem manifests only when simulating 'accept-new' feature of the
newer SSH (>v7.6) via 'Match' with 'ssh-keygen -F'.
The cause of this problem is the fact that hostname is stored always
in lowercase even if the hostname had an upcase character.
It means that the record in `known_hosts` file for hostname `ABC`
becomes something like 'abc,10.0.0.10' - which in turn is hashed...
Therefore SSH with `HashKnownHosts=yes` is comparing wrong hashes:
hash('ABC,10.0.0.10') vs hash('abc,10.0.0.10')
Most likely a bug or an oversight in SSH.
With this option disabled (`HashKnownHosts=no`) both upcased `ABC`
and lowercased `abc` work.
Example with *ENABLED* `HashKnownHosts=yes`:
[oneadmin@ABC ~] hostname
ABC
[oneadmin@ABC ~] rm -f ~/.ssh/known_hosts
[oneadmin@ABC ~] ssh-keyscan -H $(hostname) >> ~/.ssh/known_hosts
[oneadmin@ABC ~]$ ssh ABC # this fails
No ECDSA host key is known for abc and you have requested strict
checking.
Host key verification failed.
[oneadmin@ABC ~]$ ssh abc # this works
Warning: Permanently added 'abc,10.10.0.41' (ECDSA) to the list
of known hosts.
Last login: Mon Jun 15 04:32:38 2020 from ::1
[oneadmin@ABC ~]$ # success with lowercase hostname
Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
Includes fix to clean script
(cherry picked from commit edc7d7d17ef519fb132a6cf25291f7b9ef0af6b0)
co-authored-by: Christian González <cgonzalez@opennebula.io>