On 05/02/2010 10:51 AM, Clint Adams wrote:
> monkeysphere defaults to passing -H to ssh-keygen, regardless of how I have
> ssh configured. Rather than having to turn this off in two different places,
> it would be nice to share the setting.
>
> I have no idea how many people are actually using HashKnownHosts selectively,
> but something like this would work for me:
>
> awk '/HashKnownHosts/ {H=$2} END {if (H == "no") H="false"; if (H == "yes")
> H="true"; print H}' /etc/ssh/ssh_config ~/.ssh/config
>
> Defaulting to false unconditionally would also work for me.You can set MONKEYSPHERE_HASH_KNOWN_HOSTS=false in your environment to unconditionally avoid hashing known hosts. You could also add a single line to your monkeysphere config: echo 'HASH_KNOWN_HOSTS=false' >> ~/.monkeysphere/monkeysphere.conf We are not currently trying to parse the ssh config files because of the difficulties matching Host, etc. exactly how openssh matches them, not to mention the difficulties of parsing the command line options that might be applied in the parent process. The right way to solve this would be if the ssh client was to export (maybe via the environment?) its current configuration. Then the proxycommand wouldn't need to parse configs or command lines, and would simply know what to do. Here's an OpenSSH bug i opened about that enhancement: https://bugzilla.mindrot.org/show_bug.cgi?id=1766 hth, --dkg
signature.asc
Description: OpenPGP digital signature
