Inflating known_hosts
I have the following situation:
$ grep -c MonkeySphere ~/.ssh/known_hosts
27188
$ wc -l ~/.ssh/known_hosts
27350 /home/rhatto/.ssh/known_hosts
I found that monkeysphere is putting multiple lines for the same host with just the timestamp changing. Wondering why so many lines are needed as just the last verification matters, I did a more detailed check.
I have the following number of hosts being managed by monkeysphere (removing all the duplicates from the calculation):
$ grep MonkeySphere ~/.ssh/known_hosts | sed -e 's/MonkeySphere.*//' | sort | uniq | wc -l
47
Of which just the following are being duplicated:
$ grep MonkeySphere ~/.ssh/known_hosts | sed -e 's/MonkeySphere.*//' | sort | uniq -d | wc -l
31
I checked all these 31 hosts and all keys are of type ssh-rsa and are listed in known_hosts in the form of
[hostname]:port
Where "port" is a non-standard port. Also, the OpenPGP public key for each of those hosts has a uid in the form of ssh://hostname:port
It seems that while monkeysphere is correctly adding keys to known_hosts, it's not deleting the previous entries. I suspected that this has something to do with using non-standard ports for SSH, but I checked process_keys_for_file() and it looks like it's doing the right thing when a port number is present in the hostname string:
host="[${host%:*}]:${host##*:}"
So I don't know exactly where else to look.
I'm running Monkeysphere 0.35 with the following portion in ~/.ssh/config:
Host *
    ProxyCommand monkeysphere ssh-proxycommand %h %p
I just set "CHECK_KEYSERVER=false" in my config but I don't think it will help much with this issue.
(from redmine: created on 2014-01-10, closed on 2014-01-10)
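A way to measure and collapse the duplication described in this report, as an added example that is not part of the original report or of Monkeysphere's code. It assumes a managed line has the form `<host> <keytype> <key> MonkeySphere<timestamp>`, consistent with the sed expression used above; the function names, hostnames, keys and timestamps are constructed for illustration.

```shell
#!/bin/sh
# Added example, not Monkeysphere code.
# Assumption: a Monkeysphere-managed known_hosts line looks like
#   <host> <keytype> <base64key> MonkeySphere<timestamp>

# Print a constructed sample known_hosts (hosts and keys are dummies).
sample_known_hosts() {
cat <<'EOF'
[host-a.example]:2222 ssh-rsa AAAAB3DUMMYKEYA MonkeySphere2014-01-08T10:00:00
plain.example ssh-rsa AAAAB3DUMMYKEYP
[host-a.example]:2222 ssh-rsa AAAAB3DUMMYKEYA MonkeySphere2014-01-09T10:00:00
[host-b.example]:2200 ssh-rsa AAAAB3DUMMYKEYB MonkeySphere2014-01-09T11:00:00
[host-a.example]:2222 ssh-rsa AAAAB3DUMMYKEYA MonkeySphere2014-01-10T10:00:00
EOF
}

# Count host/key pairs that occur more than once when the timestamp
# is ignored (the same pipeline as in the report).
count_duplicated() {
    grep MonkeySphere "$1" | sed -e 's/MonkeySphere.*//' \
        | sort | uniq -d | wc -l | tr -d ' '
}

# Print the file with only the last line kept for each managed host/key
# pair. Unmanaged lines pass through and the original order is preserved.
dedupe_known_hosts() {
    awk '
        { line[NR] = $0; key[NR] = "" }
        / MonkeySphere/ {
            k = $0
            sub(/ MonkeySphere.*/, "", k)   # drop the timestamp comment
            key[NR] = k
            last[k] = NR                    # remember the newest occurrence
        }
        END {
            for (i = 1; i <= NR; i++)
                if (key[i] == "" || last[key[i]] == i)
                    print line[i]
        }
    ' "$1"
}
```

Write the output of `dedupe_known_hosts` to a new file and compare it with the original before replacing `~/.ssh/known_hosts`.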