Subject: Re: Problem with known_hosts

From: Alexander Lamaison <swish_at_lammy.co.uk>
Date: Wed, 2 Mar 2011 09:48:12 +0000

On 2 March 2011 09:28, Pierre-Yves Fontaniere <pyf_at_cc.in2p3.fr> wrote:
> Hello
>
> I have a problem with libssh2_knownhost_check telling me that the host
> doesn't exist in known_hosts file.
> It appears that when we have a known_hosts file with more than a name and an
> IP-addr like:
>
> host_alias,hostname,hostname_FQDN,host_IPADDR KEY_TYPE KEY

I've never seen a knownhost entry that looks like this but I can
understand how it might be legal. Knownhost entries created by
OpenSSH look like this:

hostname,host_IPADDR KEY_TYPE, KEY

libssh2 splits these into two entries when it writes back to the file
as it doesn't remember that the hostname and IP-address are associated
with each other. This is something I'd like to change but haven't had
the time yet.

> The function hostline creates a list of only two host strings containing:
>  - "host_alias"
>  - "hostname,hostname_FQDN,host_IPADDR"

I think what is happening here is that libssh2 expected at most two
'aliases' for the single key; one hostname, one IP-address. As your
entry has many aliases, it blindly splits it at the first comma.

> I'm using libssh2 1.2.7 on AIX 6.1 / 5.3
>
> Is it a bug or am I doing something wrong?

It's a bug. There are two possible solutions.

The rougher, easier fix would be to modify libssh2 so that it can
process an arbitrary number of comma-separated aliases and creates a
new entry for each one.

The much nicer fix would be to modify the knownhost handling so that
it explicitly supports alias lists and doesn't split them into
separate entries. This means libssh2 could read in and write out any
known_hosts file and there should be no difference between the before
and after.

Unfortunately, I'm snowed under with work and don't have time to look
at this. Patches welcome :)

Alex

--
Easy SFTP for Windows Explorer (http://www.swish-sftp.org)
Received on 2011-03-02