[Bug 274170] New: sftp kio slave does not support new openssh known_hosts key format

Bernie bernard.gray at gmail.com
Thu May 26 07:34:03 BST 2011 

https://bugs.kde.org/show_bug.cgi?id=274170

           Summary: sftp kio slave does not support new openssh
                    known_hosts key format
           Product: kde
           Version: 4.6
          Platform: Unlisted Binaries
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: NOR
         Component: general
        AssignedTo: unassigned-bugs at kde.org
        ReportedBy: bernard.gray at gmail.com


Version:           4.6 (using KDE 4.6.2) 
OS:                Linux

Symptom:
Attempting to connect to a host with sftp via a kio slave mechanism (eg
dolphin/konqueror) gives the following error:
"Connection to host The host key for this server was not found, but another
type of key exists. 
An attacker might change the default server key to confuse your client into
thinking the key does not exist.
Please contact your system administrator.
 is broken."

The source of the problem is a new key format being inserted into
~/.ssh/known_hosts by the openssh client, which sftp-kio doesn't recognise. 
If the host is first connected to via openssh-client, then the new format key
is written to known_hosts, and sftp-kio fails with the above error.
If the host is first connected to via sft-kio, then the old type of key is
written to known_hosts, and dolphin/konqueror successfully connects.

Extra system info:
KDE 4.6.2 by Debian KDE Maintainers, from their experimental-snapshots repo
Debian unstable (up-to-date)
2.6.39 kernel (aptosid)

Reproducible: Always

Steps to Reproduce:
* start with empty ~/.ssh/known_hosts
* connect to host via openssh-client, accept the new key
* connect to the host with sftp-kio slave eg in dolphin, go to
sftp://user@host:port



Actual Results:  
It fails to connect to the host with the error listed above

Expected Results:  
It should connect to the host and allow sftp connection/browsing

Some diagnostic discussion at:
http://forum.kde.org/viewtopic.php?f=18&t=93475

Further reading pointed to a key format change called ECDSA in openssh 5.7 - I
don't know if that is the correct title for this new format, but the timing
seems about right.
http://mac.softpedia.com/progChangelog/OpenSSH-Changelog-14691.html

-- 
Configure bugmail: https://bugs.kde.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the Unassigned-bugs mailing list