bin/56731: new ssh does not match old known_host entries for ED25519

To: gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: bin/56731: new ssh does not match old known_host entries for ED25519
From: martin%NetBSD.org@localhost
Date: Thu, 24 Feb 2022 17:25:00 +0000 (UTC)

>Number:         56731
>Category:       bin
>Synopsis:       new ssh does not match old known_host entries for ED25519
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Feb 24 17:25:00 +0000 2022
>Originator:     Martin Husemann
>Release:        NetBSD 9.99.93
>Organization:
The NetBSD Foundation, Inc.
>Environment:
System: NetBSD martins.aprisoft.de 9.99.93 NetBSD 9.99.93 (GENERIC) #107: Thu Feb 24 07:59:49 CET 2022 martin%martins.aprisoft.de@localhost:/usr/src/sys/arch/amd64/compile/GENERIC amd64
Architecture: x86_64
Machine: amd64
>Description:

The new ssh 8.9 in -current does not match existing ssh-ed25519 entries
in ~/.ssh/known_hosts. It reports a mismatch for all machines:

 > ssh unpluged.duskware.de
The authenticity of host 'unpluged.duskware.de (192.168.150.127)' can't be established.
ED25519 key fingerprint is SHA256:zEssxdAVhCuCbl2iL3ILZnnl4N/lmmfPlIiIG5do0bE.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? 

Same things happens for TNF machines where I have such an entry, other machines
where I only have ssh-rsa entries still work fine.

>How-To-Repeat:

in -current try to ssh to something with a ssh-ed25519 entry in ~/.ssh/known_hosts

>Fix:
n/a

Prev by Date: Re: kern/56730: Lock error panic in entropy_enter_early()
Next by Date: NetBSD Nightly Trouble Ticket Report
Previous by Thread: kern/56730: Lock error panic in entropy_enter_early()
Next by Thread: Re: kern/56725 (NetBSD current panics on ls in a directory with device nodes on older ffs format)
Indexes:

Home | Main Index | Thread Index | Old Index