Bug #80605 make Workbench use own known hosts file
Submitted: 3 Mar 2016 13:46 Modified: 16 May 2016 23:09
Reporter: Christian Hesse (OCA) Email Updates:
Status: Closed Impact on me:
Category:MySQL Workbench Severity:S4 (Feature request)
Version:6.3.6 OS:Any
Assigned to: CPU Architecture:Any
Tags: known_hosts, paramiko, ssh, workbench

[3 Mar 2016 13:46] Christian Hesse
Workbench makes paramiko read ssh config (and known_hosts) from system ssh. For Linux this is ~/.ssh/config and ~/.ssh/known_hosts.

My ssh client (latest openssh) and server support ed25519 host keys, resulting in ed25519 host key entries in ~/.ssh/known_hosts.

Paramiko (even latest version, using 0.16.0) does (not yet) support ed25519 keys. When WB connects to a host with ed25519 host key it finds the matching entry but can not read it. The known hosts file is truncated and all more recent host key entries are lost.

Making paramiko work with ed25519 would work around that problem. However openssh could decide to support ed448 (or any other) key and things would break again.

How to repeat:
* connect to host A via ssh
* make sure first ed25519 host key is added to ~/.ssh/known_hosts
* connect to host B via ssh
* make sure second ed25519 host key is added to ~/.ssh/known_hosts
* connect to host A with WB

-> first host key is replaced with RSA (or DSA or ECDSA) host key
-> second host key is lost

Suggested fix:
WB should have an option to specify path to ssh config and/or known hosts file, overwriting the default.
[3 Mar 2016 13:53] Milosz Bodzek
Thank you for the feature request.
[16 May 2016 23:09] Philip Olson
Posted by developer:
Fixed as of the upcoming MySQL Workbench 6.3.7 release, and here's the changelog entry:

An new option is available to specify a path to the SSH configuration
and/or known hosts file. This option overwrites the defaults.

Thank you for the bug report.