Koe*_*ijt 6 ssh hostname auto-completion
当我 ssh 进入一台新机器时,我遇到了这个奇怪的问题,但我的known_hosts 文件会使用某种哈希值进行更新,但不会更新主机名。当我稍后尝试通过 SSH 连接到同一台机器时,这最终导致我无法自动完成。
例如:
我的known_hosts 文件的最后两行:
10.1.x.xx ecdsa-sha2-nistp256 AAAAE2VjZHNhLXN ... the rest of the hash
db03.test.fqdn.com ecdsa-sha2-nistp256 AAAAE2 ... the rest of the hash
我通过 SSH 连接到盒子:
#ssh app01.test.fqdn.com
[~]$ ssh app01.test.fqdn.com
The authenticity of host 'app01.test.fqdn.com (10.1.2.92)' can't be established.
ECDSA key fingerprint is SHA256:2zbk+M6WbAwjBbtODTklKDqctO/b2JQgirf4LWGh3jE.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'app01.test.fqdn.nl,10.1.x.xx' (ECDSA) to the list of known hosts.
Last login: Tue Feb 15 09:58:51 2022 from 10.1.x.xx
app01:[~]$
我新更新的known_hosts 文件将显示添加的内容:
10.1.x.xx ecdsa-sha2-nistp256 AAAAE2VjZHNhLXN ... the rest of the hash
db03.test.fqdn.com ecdsa-sha2-nistp256 AAAAE2 ... the rest of the hash
|1|xYTWX7K9utTfitsxMOGbPzw9N1o=|oDRxbbY1125i24iuXy5xuDmrLeo= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHYbjef6rxrnsVFFYrgHt05lkWK5R+eXao3Eo4WnYmo/ddzCMhq8S+QPd1EUtwcdGrolzNh8c3HU+NZRX8SSeFs=
|1|ViKCEleTNJ8pFeYaVJBIIYx1TJg=|pq9/mhpijBxbQa8H1NWBhKN3nKU= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHYbjef6rxrnsVFFYrgHt05lkWK5R+eXao3Eo4WnYmo/ddzCMhq8S+QPd1EUtwcdGrolzNh8c3HU+NZRX8SSeFs=
因此,我在尝试重新连接时无法使用制表符补全。但我不知道该去哪里查找。
小智 10
正如其他人评论的那样,HashKnownHosts yes导致主机名由于被散列而无法自动完成。Host *通过使用匹配所有主机将其添加到“全局”部分。
Host *\n HashKnownHosts no\n虽然这有效,但它并不能满足我的需求,因为我更喜欢短名称而不是长名称,并且我~/.ssh/config使用HostName短名称将短名称转换为 FQDN。这是我的config。
Host *\n HashKnownHosts no\n\nHost ns-*\n HostName %h.example.com\n IdentityFile ~/.ssh/%h\n IdentitiesOnly yes\n连接时ns-host01,将以下内容添加到known_hosts.
ns-host01.example.com,192.16.0.104 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOl4AD310E/7OpWInZvotUO1rshKy/PuljvR9nQmamNPlZaXBneXGaufJ6Ox74AlUVCS3NR3xrgOcea19qq4vIM=\n但这对自动完成 FQDN 没有帮助。虽然我可以手动添加短名称,但这太……手动了。我在网上找不到任何可以将带有 IP 的短主机名和known_hosts长主机名添加到. 然后我RTFM。
-f file\n Read hosts or \xe2\x80\x9caddrlist namelist\xe2\x80\x9d pairs from file, one per line. If \xe2\x80\x98-\xe2\x80\x99 is supplied instead of a filename, ssh-keyscan\n will read from the standard input. Input is expected in the format:\n\n 1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4\n考虑到这一点,这
\nHost *\n HashKnownHosts no\n生成以下内容,其中包含短主机名和长主机名以及 IP。
\n192.16.0.104,ns-host01,ns-host01.example.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNF+UEbktGXlyYX/t1hvnIvxa+9fB67q15EjBkZUA2EkkTrcvLwASi6np9gqM5dCSpE0CkLeGP75UMFR8LOAgqM=\n# 192.16.0.104:22 SSH-2.0-OpenSSH_8.1\n192.16.0.104,ns-host01,ns-host01.example.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMibknxgW6cY7JUsKQEB/i188uS9SLx8JoiMg+YD3n7U\n将其附加到您的代码中known_hosts,现在自动完成功能可以按预期工作,并在短主机名处停止。
| 归档时间: |
|
| 查看次数: |
3499 次 |
| 最近记录: |