saltstack / salt

Software to automate the management and configuration of any infrastructure or application at scale. Get access to the Salt software package repository here:
https://repo.saltproject.io/
Apache License 2.0

Multiple copies of host key via ssh_known_hosts.present #51359

Open johnnybubonic opened 5 years ago

johnnybubonic commented 5 years ago

Description of Issue/Question

On:

when using an ssh_known_hosts.present like such:

ssh_known_hosts.present:
  - name: '[fqdn.here.tld]:<portnum>,[ipv4.address.here]:<portnum>'
  - enc: ssh-rsa
  - hash_known_hosts: False
  - key: "AAAA...=="
  - user: root

it does not successfully detect that the key has been added - meaning every time the state is applied, the host key is added again. (Note: changing hash_known_hosts to True has no effect).

Per sshd(8), SSH_KNOWN_HOSTS FILE FORMAT section:

Hostnames is a comma-separated list of patterns...
(...)
A hostname or address may optionally be enclosed within ‘[’ and ‘]’ brackets then followed by ‘:’ and a non-standard port number

Setup

N/A

Steps to Reproduce Issue

See Description.

Versions Report

master:

Salt Version:
           Salt: 2018.3.3

Dependency Versions:
           cffi: 1.11.5
       cherrypy: unknown
       dateutil: Not Installed
      docker-py: Not Installed
          gitdb: Not Installed
      gitpython: Not Installed
          ioflo: Not Installed
         Jinja2: 2.8
        libgit2: 0.26.8
        libnacl: Not Installed
       M2Crypto: Not Installed
           Mako: Not Installed
   msgpack-pure: Not Installed
 msgpack-python: 0.5.6
   mysql-python: Not Installed
      pycparser: 2.17
       pycrypto: 2.6.1
   pycryptodome: Not Installed
         pygit2: 0.26.4
         Python: 3.4.9 (default, Aug 14 2018, 21:28:57)
   python-gnupg: Not Installed
         PyYAML: 3.11
          PyZMQ: 15.3.0
           RAET: Not Installed
          smmap: Not Installed
        timelib: Not Installed
        Tornado: 4.4.2
            ZMQ: 4.1.4

System Versions:
           dist: centos 7.6.1810 Core
         locale: UTF-8
        machine: x86_64
        release: 3.10.0-957.1.3.el7.x86_64
         system: Linux
        version: CentOS Linux 7.6.1810 Core

minion (centos 6):

Salt Version:
           Salt: 2018.3.3

Dependency Versions:
           cffi: Not Installed
       cherrypy: Not Installed
       dateutil: Not Installed
      docker-py: Not Installed
          gitdb: Not Installed
      gitpython: Not Installed
          ioflo: Not Installed
         Jinja2: 2.8.1
        libgit2: Not Installed
        libnacl: Not Installed
       M2Crypto: Not Installed
           Mako: Not Installed
   msgpack-pure: Not Installed
 msgpack-python: 0.4.6
   mysql-python: Not Installed
      pycparser: Not Installed
       pycrypto: 2.6.1
   pycryptodome: Not Installed
         pygit2: Not Installed
         Python: 2.7.13 (default, Mar 30 2018, 15:31:59)
   python-gnupg: Not Installed
         PyYAML: 3.11
          PyZMQ: 14.5.0
           RAET: Not Installed
          smmap: Not Installed
        timelib: Not Installed
        Tornado: 4.2.1
            ZMQ: 4.0.5

System Versions:
           dist: centos 6.10 Final
         locale: UTF-8
        machine: x86_64
        release: 2.6.32-754.10.1.el6.x86_64
         system: Linux
        version: CentOS 6.10 Final

(etc.) (all minions are using 2018.3.3, centos 6 is using python 2.7, others are using 3.x)
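The presence check this report asks for, sketched as an added example (not Salt's code and not part of the original report): split the comma-separated `name`, normalize each `[host]:port` token, and look for a plain or hashed entry carrying the same key type and key. The function names and sample data are hypothetical and constructed, and only literal names are compared (no wildcard or negated patterns).

```python
import base64
import hashlib
import hmac
import re

_BRACKETED = re.compile(r"^\[(.+)\]:(\d+)$")

def canon(name):
    """Canonical form of one host token: 'host' for port 22, '[host]:port' otherwise."""
    m = _BRACKETED.match(name.strip())
    host, port = (m.group(1), int(m.group(2))) if m else (name.strip(), 22)
    return host.lower() if port == 22 else "[%s]:%d" % (host.lower(), port)

def hash_token(name, salt):
    """Build a hashed known_hosts token: |1|b64(salt)|b64(HMAC-SHA1(salt, name))."""
    mac = hmac.new(salt, canon(name).encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def token_matches(token, wanted):
    """Compare one hostnames-field token (plain or hashed) with a canonical name."""
    if token.startswith("|1|"):
        _, _, salt_b64, mac_b64 = token.split("|")
        mac = hmac.new(base64.b64decode(salt_b64), wanted.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    return canon(token) == wanted

def missing_names(known_hosts_text, name, enc, key):
    """Return the names in the comma-separated `name` that have no (enc, key) entry."""
    wanted = [canon(n) for n in name.split(",") if n.strip()]
    found = set()
    for line in known_hosts_text.splitlines():
        fields = line.split()
        # Skip blanks, comments, and @cert-authority/@revoked marker lines.
        if len(fields) < 3 or fields[0][0] in "#@":
            continue
        if fields[1] != enc or fields[2] != key:
            continue
        for token in fields[0].split(","):
            found.update(w for w in wanted if token_matches(token, w))
    return [w for w in wanted if w not in found]

# Constructed sample: placeholder key material and documentation-range names.
KEY = "AAAAB3NzaC1yc2EAAAADAQABAAABAQexample=="
NAME = "[host.example.com]:2222,[192.0.2.10]:2222"
SAMPLE = NAME + " ssh-rsa " + KEY + "\n"
if __name__ == "__main__":
    print(missing_names(SAMPLE, NAME, "ssh-rsa", KEY))  # [] means nothing to add
```

An empty result means every name already has the key, so an idempotent state would report no changes instead of appending the line again.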

Ch3LL commented 5 years ago

Looks like we need to add support to add the brackets. Thanks.

stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

If this issue is closed prematurely, please leave a comment and we will gladly reopen the issue.

johnnybubonic commented 4 years ago

keep open

stale[bot] commented 4 years ago

Thank you for updating this issue. It is no longer marked as stale.