How to edit known_hosts when several hosts share the same IP and DNS name?
Posted
by
Frédéric Grosshans
on Super User
See other posts from Super User
or by Frédéric Grosshans
Published on 2012-07-05T12:32:17Z
Indexed on
2012/07/05
15:18 UTC
Read the original article
Hit count: 325
I regularly ssh into a computer which is a dual-boot OS X / Linux computer. The two OS instance do not share the same host key, so they can be seen as two host sharing the same IP and DNS. Let's say the IP is 192.168.0.9
, and the names are hostname
and hostname.domainname
As far as I understood, the solution to be able to connect to the two host is to add them both to the ~/.ssh/know_hosts
file. However, it is easier said than done, because the file is hashed, and has probably several entries per host (192.168.0.9
, hostname
, hostname.domainname
). As a consequence, I have the following warning
Warning: the ECDSA host key for 'hostname' differs from the key for the IP address '192.168.0.9'
Is there an easy way to edit the known_hosts
file, while keeping the hashes. For example, how can I find the lines corresponding to a given hostame? How can I generate the hashes for some known hosts?
The ideal solution would allow me to connect to seamlessly to this computer with ssh, no matter whether I call it 192.168.0.9
, hostname
or hostname.domainname
, nor if it uses its Linux hostkey or its OSX hostkey. However, I still want to receive a warning if there is a real man-in-the middle attack, i.e. if another key than these two is used.
© Super User or respective owner