Skip to content
This repository was archived by the owner on Jan 24, 2022. It is now read-only.

There seems to be an issue with duplicate key detection #351

Closed
claudijd opened this issue Mar 24, 2017 · 3 comments
Closed

There seems to be an issue with duplicate key detection #351

claudijd opened this issue Mar 24, 2017 · 3 comments
Labels
bug

Comments

@claudijd
Copy link
Contributor

In scanning a large number of hosts I'm seeing duplicate keys where duplicate keys don't actually exist.

Need to dig in and figure out why this is happening.

This can be seen here:

https://github.com/mozilla/ssh_scan/blob/master/examples/github.ghproxy.top.json#L90-L93
@claudijd claudijd added the bug label Mar 24, 2017
@claudijd
Copy link
Contributor Author

This is due to the addition of the "known_keys" attribute being included in what was previously thought to only include key values, so the hostkey db is polluted.

@claudijd
Copy link
Contributor Author

Problem code exists here:

https://github.com/mozilla/ssh_scan/blob/master/lib/ssh_scan/scan_engine.rb#L152-L156

And here:

https://github.com/mozilla/ssh_scan/blob/master/lib/ssh_scan/scan_engine.rb#L165-L171

@claudijd claudijd mentioned this issue Mar 24, 2017
Merged
@claudijd
Copy link
Contributor Author

The good thing here is that polluted records should self-correct in a couple ways based on #352

1.) When scanning IP A it will remove the old fingerprint and apply the new non-polluted one.
2.) As a result of scanning IP A it will no longer detect an arbitrary collision with IP B

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@claudijd