SSH - How to add host to ssh/known_host file

0

The known_hosts file looks like this:

[localhost]:8001 ssh-dss AAAAB3NzaC1kc3MAAACBAP1/U4EddRIpU   
[10.18.60.198]:8001 ssh-dss AAAAB3NzaC1kc3MAAACBAP1/U4EddRIpUt9
// keys are trimmed at the end

These keys were added via the Eclipse IDE. I want to know what other ways there are to add hosts (IPs) and their keys to the ssh/known_hosts file.

Specifically: how to add an ssh-dss key for any host (IP) in the known_hosts file.

EDIT:

I am using JBoss BRMS, which uses Git for BRMS projects. When cloning the BRMS project in the Eclipse IDE via Git, it gives the following error:

The authenticity of host 'localhost' can't be established.
DSA key fingerprint is e2:2c:62 //trimmed.
Are you sure you want to continue connecting?

It then automatically adds the ssh-dss key to the known_hosts file.

So where can I find that key, and how do I add it manually to the known_hosts file?

Tarun

Posted 2018-12-04T05:53:22.433

Reputation: 51

Did you just post your private keys on the internet? – HackSlash – 2018-12-06T21:59:39.170

@HackSlash It is not a private key, and it is trimmed, as you can see – Tarun – 2018-12-07T07:03:22.967

Answers

2

The format of ~/.ssh/known_hosts is defined by OpenSSH. Other software might either call OpenSSH (the ssh command), or might have its own implementations that aren't necessarily 100% compatible.

The OpenSSH known_hosts format is described in the sshd(8) manual page, under "ssh_known_hosts file format". It says that it's a text file with one line per host–key pair:

Each line in these files contains the following fields: markers (optional), hostnames, keytype, base64-encoded key, comment. The fields are separated by spaces. […] Hostnames is a comma-separated list of patterns (‘*’ and ‘?’ act as wildcards); each pattern in turn is matched against the host name. […] A hostname or address may optionally be enclosed within ‘[’ and ‘]’ brackets then followed by ‘:’ and a non-standard port number.

To automatically add a key for a new host, just SSH to it.

To manually add a key for a new host, 1) open the known_hosts file in your text editor and 2) add the key for a new host, following the same format. (The key must match the host you're connecting to. You can query a host for its key using ssh-keyscan -t <type> <address>.)

To add a key for all hosts, use a * pattern as the hostname, which will match all hostnames and addresses. To add a key for all hosts on a specific port, use [*]:8001 as the hostname.

user1686

Posted 2018-12-04T05:53:22.433

Reputation: 283 655

How do I generate an ssh-dss key for any host? – Tarun – 2018-12-04T06:24:14.097

You don't generate it, you copy the key that the host already uses. There is no magic "any host" key. – user1686 – 2018-12-04T06:29:26.967

I am using JBoss EAP, a simple web application server which is running on localhost. Where do I find the ssh-dss key? – Tarun – 2018-12-04T07:16:45.613

If your app is running on localhost, then the SSH host itself is localhost. Use your own computer's key then, e.g. from ssh-keyscan -t dsa localhost. – user1686 – 2018-12-04T07:47:35.887

I ran this command in Git Bash on my desktop computer, but nothing is displayed on the command line. – Tarun – 2018-12-04T08:40:49.717

@Tarun, did you try just ssh-keyscan localhost (without -t dsa localhost)? – Sasha – 2018-12-06T09:10:14.627

@Sasha yes, I ran it in Git Bash but can't find the ssh-dss key of localhost – Tarun – 2018-12-06T09:15:31.637

@Tarun, sorry for a stupid question, but why do you need specifically a DSS key? What other kinds of keys does ssh-keyscan localhost show? Aren't these kinds of keys enough? – Sasha – 2018-12-06T09:19:01.660

BTW, if the local server in question is running on port 8001, then you probably need ssh-keyscan -p 8001 localhost (instead of ssh-keyscan localhost). – Sasha – 2018-12-06T09:21:39.387

@grawity please see the EDIT in OP – Tarun – 2018-12-06T10:54:18.787
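The following Python example is added here and is not from the thread or from OpenSSH: it applies the field layout and wildcard rules quoted in the answer above to report which known_hosts entries apply to a given host and port, marks keys whose base64 blob is cut short or does not match the keytype field, and returns the colon-separated MD5 fingerprint to compare with the connection prompt before an entry is trusted. The sample key, the sample file and all function names are constructed for illustration; negated patterns and hashed hostnames are not handled.

```python
import base64, binascii, hashlib, re

# Constructed sample key (not a real host key): SSH wire format, type name + 32 dummy bytes.
BLOB = (11).to_bytes(4, "big") + b"ssh-ed25519" + (32).to_bytes(4, "big") + bytes(range(32))
SAMPLE_B64 = base64.b64encode(BLOB).decode()
SAMPLE = "\n".join([
    f"[localhost]:8001 ssh-ed25519 {SAMPLE_B64} constructed-example",
    f"[10.18.60.198]:8001 ssh-ed25519 {SAMPLE_B64[:40]}",  # cut short, like a trimmed paste
    f"[*]:8001 ssh-ed25519 {SAMPLE_B64}",
])

def pattern_matches(pattern, name):
    """Only '*' and '?' are wildcards; '[' and ']' are literal, so fnmatch would be wrong."""
    rx = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(rx, name) is not None

def blob_type(blob):
    """Walk the length-prefixed fields; return the key type, or None if the blob is cut short."""
    pos, names = 0, []
    while pos < len(blob):
        n = int.from_bytes(blob[pos:pos + 4], "big")
        if pos + 4 + n > len(blob):
            return None
        names.append(blob[pos + 4:pos + 4 + n])
        pos += 4 + n
    return names[0].decode("ascii", "replace") if names else None

def audit(text, host, port=22):
    """Return (line number, status, MD5 fingerprint) for each entry that applies to host:port."""
    name, findings = (host if port == 22 else f"[{host}]:{port}"), []
    for no, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if fields and fields[0].startswith("@"):  # optional marker field
            fields = fields[1:]
        if len(fields) < 3 or fields[0].startswith("#"):
            continue
        patterns, keytype, b64 = fields[0].split(","), fields[1], fields[2]
        if not any(pattern_matches(p, name) for p in patterns):
            continue
        try:
            blob = base64.b64decode(b64, validate=True)
        except binascii.Error:
            blob = b""
        ok = blob_type(blob) == keytype
        wild = any("*" in p or "?" in p for p in patterns)
        status = "malformed" if not ok else "wildcard" if wild else "exact"
        # Colon-separated MD5 of the decoded key: the style of the prompt quoted in the question.
        findings.append((no, status, hashlib.md5(blob).digest().hex(":") if ok else None))
    return findings
```

A "wildcard" finding means that key is accepted for every host the pattern covers, so such entries are the ones to review first.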

0

Try sshing into your target, and then type yes when it asks to save the key.

Xander Everest

Posted 2018-12-04T05:53:22.433

Reputation: 23