1

I notice my local ~/.ssh/known_hosts file has two entries for the same machine on the local LAN:

 somemachine,192.168.1.200 ssh-rsa KEY...
 somemachine.search.domain ssh-rsa KEY...

It's the same key; the second one doesn't have the IP, though. Is this just a result of having a search domain and so the known_hosts file must contain the "duplicate" key?

SSH won't detect it is visiting the same machine regardless of the hostname you attempt to connect with? 'ssh 192.168.1.200' does not request to create a new known_hosts entry, so could I change the known_hosts entry to:

 somemachine,somemachine.search.domain,192.168.1.200 ssh-rsa KEY...

?

xref
  • See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=81668 for a discussion on why ssh does not first canonicalize the host name you entered on the command line before checking known_hosts. – Mark Wagner Mar 27 '12 at 16:43

1 Answer

3

It is because you must have used ssh somemachine and ssh somemachine.search.domain in the past, which creates 2 different entries. In Ubuntu this is how my entries were created, in any case.

johnshen64
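
The host field of a known_hosts line is a comma-separated list of names (see sshd(8)), so entries that carry an identical key can be collapsed into the single line the question proposes. The sketch below is an added example, not part of the original posts; the function name `merge_known_hosts` and the sample key blobs are constructed placeholders.

```python
# Constructed sample mirroring the question; key blobs are placeholders, not real keys.
SAMPLE = """\
somemachine,192.168.1.200 ssh-rsa AAAAB3PLACEHOLDERKEY
somemachine.search.domain ssh-rsa AAAAB3PLACEHOLDERKEY
|1|c2FsdA==|aGFzaA== ssh-rsa AAAAB3PLACEHOLDERKEY
otherhost ssh-ed25519 AAAAC3OTHERPLACEHOLDER
"""


def merge_known_hosts(text):
    """Collapse plain entries that share the same (keytype, key) into one line.

    Names are merged only when the key is byte-for-byte identical, so a host
    name is never attached to a key it was not already recorded with.
    Trailing comments on merged lines are dropped.
    """
    merged = {}        # (keytype, key) -> host names in first-seen order
    passthrough = []   # lines kept verbatim
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped:
            continue
        fields = stripped.split()
        # Comments, @cert-authority/@revoked markers and hashed (|1|salt|hash)
        # entries cannot be safely merged by name: keep them unchanged.
        if stripped.startswith(("#", "@", "|")) or len(fields) < 3:
            passthrough.append(stripped)
            continue
        hosts, keytype, key = fields[0], fields[1], fields[2]
        names = merged.setdefault((keytype, key), [])
        for host in hosts.split(","):
            if host not in names:
                names.append(host)
    out = [f"{','.join(names)} {kt} {k}" for (kt, k), names in merged.items()]
    return out + passthrough


if __name__ == "__main__":
    for entry in merge_known_hosts(SAMPLE):
        print(entry)
```

Run it against a copy of the file rather than the live ~/.ssh/known_hosts, and check the result with `ssh-keygen -F somemachine.search.domain -f <copy>` before replacing anything.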