Support hashed hostnames in the known_hosts file

Some systems have "HashKnownHosts yes" in their ssh_config This causes entries in the ssh known_hosts to be hashed (|) Signed-off-by: Anders F Björklund <[email protected]>
containers · Oct 27, 2020 · 83e5488 · 83e5488
1 parent bce8331
commit 83e5488
Show file tree

Hide file tree

Showing 3 changed files with 546 additions and 1 deletion.
diff --git a/pkg/terminal/util.go b/pkg/terminal/util.go
@@ -12,6 +12,7 @@ import (
 
 	"github.com/sirupsen/logrus"
 	"golang.org/x/crypto/ssh"
+	"golang.org/x/crypto/ssh/knownhosts"
 	"golang.org/x/crypto/ssh/terminal"
 	"k8s.io/client-go/util/homedir"
 )
@@ -114,6 +115,9 @@ func HostKey(host string) ssh.PublicKey {
 		return nil
 	}
 
+	// support -H parameter for ssh-keyscan
+	hashhost := knownhosts.HashHostname(host)
+
 	scanner := bufio.NewScanner(fd)
 	for scanner.Scan() {
 		_, hosts, key, _, _, err := ssh.ParseKnownHosts(scanner.Bytes())
@@ -123,7 +127,7 @@ func HostKey(host string) ssh.PublicKey {
 		}
 
 		for _, h := range hosts {
-			if h == host {
+			if h == host || h == hashhost {
 				return key
 			}
 		}