Issue #21811 has been reported by Mark Ruys.
----------------------------------------
Bug #21811: Wrong format /etc/ssh/ssh_known_hosts for ecdsa-sha2-nistp256 keys
https://projects.puppetlabs.com/issues/21811
* Author: Mark Ruys
* Status: Unreviewed
* Priority: Normal
* Assignee:
* Category: ssh
* Target version:
* Affected Puppet version: 3.2.2
* Keywords: ssh
* Branch:
----------------------------------------
When I apply:
sshkey { "${fqdn}_ecdsa-sha2-nistp256":
host_aliases => [ "$fqdn", "$hostname", "$ipaddress" ],
type => ecdsa-sha2-nistp256,
key => $sshecdsakey,
}
the generated line is:
app01.cluster.peercode.nl_ecdsa-sha2-nistp256,app01.cluster.peercode.nl,app01,10.243.0.61
ecdsa-sha2-nistp256
AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDe0Ij3EUAUuZd3PRAUWSQk/Rc/uJQEQNnIlfFC9VPCPw8HRHr/ZBYBKwt/ucskE9+9NUVpNcEtSSZD7kiBQdoM=
This is not accepted by ssh, as it still ask to confirm the host identity. It
then inserts into ~/.ssh/know_hosts two lines:
|1|nKfBJdWYK8pcfw5uYDFbEjwinek=|i4xCR6M97ohkW2QX2EP4x6BrGOI=
ecdsa-sha2-nistp256
AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDe0Ij3EUAUuZd3PRAUWSQk/Rc/uJQEQNnIlfFC9VPCPw8HRHr/ZBYBKwt/ucskE9+9NUVpNcEtSSZD7kiBQdoM=
|1|AFKXXOXTMqb3s7xFZjIXMhLFgvw=|7Tj2HonmX9r//yTA0wm/tAcYXPw=
ecdsa-sha2-nistp256
AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDe0Ij3EUAUuZd3PRAUWSQk/Rc/uJQEQNnIlfFC9VPCPw8HRHr/ZBYBKwt/ucskE9+9NUVpNcEtSSZD7kiBQdoM=
Ubuntu 12.04
OpenSSH 5.9
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/groups/opt_out.
