Support hashed hostnames in the known_hosts file

Some systems have "HashKnownHosts yes" in their ssh_config This causes entries in the ssh known_hosts to be hashed (|) Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
2025-05-17 15:18:43 +08:00 · 2020-10-27 12:17:58 +01:00
parent bce8331528
commit 83e54885ff
3 changed files with 546 additions and 1 deletions
--- a/pkg/terminal/util.go
+++ b/pkg/terminal/util.go
@ -12,6 +12,7 @@ import (

 	"github.com/sirupsen/logrus"
 	"golang.org/x/crypto/ssh"
+	"golang.org/x/crypto/ssh/knownhosts"
 	"golang.org/x/crypto/ssh/terminal"
 	"k8s.io/client-go/util/homedir"
 )
@ -114,6 +115,9 @@ func HostKey(host string) ssh.PublicKey {
 		return nil
 	}

+	// support -H parameter for ssh-keyscan
+	hashhost := knownhosts.HashHostname(host)
+
 	scanner := bufio.NewScanner(fd)
 	for scanner.Scan() {
 		_, hosts, key, _, _, err := ssh.ParseKnownHosts(scanner.Bytes())
@ -123,7 +127,7 @@ func HostKey(host string) ssh.PublicKey {
 		}

 		for _, h := range hosts {
-			if h == host {
+			if h == host || h == hashhost {
 				return key
 			}
 		}