In hasHostKey(), check the host key type when parsing ~/.ssh/known_hosts

If we have an ecdsa-nistp-256 key in known_hosts, but the server offers an ssh-rsa key, this will cause conch to skip the entry instead of raising a bad host key error.
pyna · Dec 27, 2016 · 061ef64 · 061ef64
1 parent d5dacf3
commit 061ef64
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/twisted/conch/client/knownhosts.py b/src/twisted/conch/client/knownhosts.py
@@ -431,7 +431,7 @@ def hasHostKey(self, hostname, key):
             does not match the given key.
         """
         for lineidx, entry in enumerate(self.iterentries(), -len(self._added)):
-            if entry.matchesHost(hostname):
+            if entry.matchesHost(hostname) and entry.keyType == key.sshType():
                 if entry.matchesKey(key):
                     return True
                 else: