Idea Details

Clear the SSH known_hosts file automatically

Last activity 05-29-2019 10:47 PM
lilah's profile image
08-17-2016 03:35 AM

Hi everyone,

 

When using custom capture scripts for NCM, after each SSH connection the known_hosts file (located on the Assurance server) is updated with the public key of the device. Should that public key of that IP address change over time (for example the device has been replaced), the NCM task will fail for that device.

 

I received the following error within the NCM task when this issue occurred: "Login Error: Use of uninitialized value in concatenation (.) or string at ..." which wasn't pointing me in the right direction.

 

Assuming no solution is currently in place for NCM, I'd like to propose clearing the known_hosts file automatically or handle such key changes more gracefully. At present I had to clear this file myself in order to allow several objects to once again operate with NCM.

 

Any thoughts?


Comments

06-20-2017 11:00 AM

As the host key fingerprint is never being checked / confirmed but accepted automatically as you already mentioned, lilah security should not be that big of an obstacle to implement the requested behaviour. Best case would be to be able to activate / deactivate it. 

So long, you could remove the offending key within your NCM scripts (which can be done using sed e.g., or call the ssh client with options to ignore host key checking. Sure this is not recommended, but as you correclty stated the fingerprint is never manually validated, so this should not be the biggest concern. 

 

I would support the statement of mwegner regarding better NCM error handling as well. 

08-22-2016 11:08 AM

Keep in mind that NCM at no time asks you to permit the public key of the device, so that there doesn't seem to be anything secure with the SSH key sharing to begin with. The known hosts file is populated automatically and not via user intervention.

 

If any public key provided is stored as a known host, and this is the case for custom scripts rather than preconfigured device families, then perhaps the public key handling should be similar to that of preconfigured device families where there isn't any such known_hosts file.

08-22-2016 10:44 AM

I would rather see better error handling by NCM.  Perhaps an alarm generated after a configurable number of failed NCM captures?  That would achieve the same goal (catch NCM failures) without introducing a security issue.

08-22-2016 08:12 AM

That's a security breach. You can always cron a job to delete any host from known_hosts.