[
https://issues.apache.org/jira/browse/SSHD-745?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16003118#comment-16003118
]
Goldstein Lyor commented on SSHD-745:
-------------------------------------
We currently have no immediate plans to support IPv6. That being said, we would
like to be at least IPv6 "tolerant" - i.e., be able to ignore such entries.
However, since we do not have enough development resource available and does
not seem to be a wide-spread problem, this is very low priority, so my only
advice at this stage would be to consider contributing a patch yourself. I
belive changing the code to be able to handle IPv6 addresses correctly is a bit
too complex to tackle right away. However, making the code that reads the
_known_hosts_ file handle port specifications and/or ignore IPv6 addresses is
possible to complete in a relatively short time.
As far as the immediate fix for your problem you can disable the code that
reads/writes to/from the _known_hosts_ file as follows:
{code:java}
SshClient client = SshClient.setupDefaultClient();
client.setServerKeyVerifier(...your verifier...); // there are several built-in
defaults - e.g., one that blindly accepts all
{code}
This will of course disable this ability in the code, but will silence these
pesky warnings, so unless you absolutely must have this functionality, it would
be a solution. Another solution would be to replace the server key verifier
with your own that extends {{KnownHostsServerKeyVerifier}} and override the
(many) avbailable methods to handle this case in some special manner.
> KnownHostEntry cannot parse [host]:port or IPv6 with %link entries
> ------------------------------------------------------------------
>
> Key: SSHD-745
> URL: https://issues.apache.org/jira/browse/SSHD-745
> Project: MINA SSHD
> Issue Type: Bug
> Affects Versions: 1.2.0
> Reporter: Stephen Connolly
> Priority: Minor
>
> My known hosts file contains lines like: (note I have sanitized the lines and
> switched entries to documentation reserved IP addresses and DNS names)
> {code}
> [host.example.com]:7999,[192.0.2.3]:7999 ssh-rsa AAAA...Z45M/
> 2001:db8:85a3::8a2e:370:7334%en1 ecdsa-sha2-nistp256 AAAAE2...q9zmk=
> {code}
> Both of which will bomb out with errors like:
> {code}
> WARNING: Failed (StreamCorruptedException) to reload server keys from
> /Users/stephenc/.ssh/known_hosts: Failed (IllegalArgumentException) to parse
> line #96 '2001:db8:85a3::8a2e:370:7334%en1 ecdsa-sha2-nistp256
> AAAAE2...q9zmk=': Invalid host pattern char in
> 2001:db8:85a3::8a2e:370:7334%en1
> {code}
> or
> (This next one is a thrown away ssh server running in docker and the
> container is gone so I can provide the full unedited line)
> {code}
> WARNING: Failed (StreamCorruptedException) to reload server keys from
> /Users/stephenc/.ssh/known_hosts: Failed (IllegalArgumentException) to parse
> line #60 '[127.0.0.1]:49153 ssh-rsa
> AAAAB3NzaC1yc2EAAAADAQABAAABAQC5ntfSGAQOO2O/8ma7mtk9UaC6JWVlJ+6WAjnN3V510wc4nkkUcL66hZZyPLI0TYhk2CHNNQPeXkc6Cq7enSJab7SI06MhCQhF9yeuBQnphNBsUa01twPgycQOdrYey+4hIVXRF5BbckuU5nVAuFsPv7utNROmo+XoWoAdopSiejWs6Mrox+VIwgeN6peJ5l5jPqCjMEBTP9iNWgZMa+wQN7cTWpi7lIbK+a2hnzHz5P8oWFN8j8jREm+/6NK1IdW3c0CsLRWyee50GYYQOEi0zo1FfGweia5CbzfjRtfd0XFtUxGtULJpPoj9x/7xHuFUL1rYoKAGaTPzPdBHJTiJ':
> Invalid host pattern char in [127.0.0.1]:49153
> {/code}
> https://en.wikibooks.org/wiki/OpenSSH/Client_Configuration_Files seems to
> indicate that {{[host]:port}} is the syntax for when the ssh server is using
> a non-standard port
> https://serverfault.com/a/771355/147023 reports that the % at the end of the
> IPv6 address is indicating the local link (in my case %en1 being WIFI on my
> macbook, but I have seem %eth0 on modern linux servers)
> Completely blowing up for these entries seems rather wrong, I would expect
> either skipping such entries or actually being able to parse them.
> Checking the current code on master it seems this issue has not been resolved
> yet:
> IOW
> https://github.com/apache/mina-sshd/blob/5b0b163c5500fedc2a6bae0fc5e260d64fcf370a/sshd-core/src/main/java/org/apache/sshd/client/config/hosts/HostPatternsHolder.java#L289-L306
> still will reject a host name containing either the non-standard port
> specification or the link specifier
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
