x11-wm/xpra-4.2{,.1,.2}: Comment lines are deleted from ~/.ssh/known_hosts

[holgersson32644]

Hi,
if xpra connects to a yet unkown host it ask if the users wants to accept the server's key.
If the user accept, the whole ~/.ssh/known_hosts file is rewritten and all comment lines are stripped out. I tested versions xpra-4.2 to 4.2.2 on Gentoo with openssh-8.7_p1-r2.

Please fix this.

Kind reards,
Nils

[totaam]

This is not an xpra bug but a bug in paramiko.

In the default configuration, we rely on paramiko for implementing the ssh transport and call this function:

xpra/xpra/net/ssh.py

Lines 566 to 567 in ed33f52

	host_keys.add(host, host_key.get_name(), host_key)
	host_keys.save(host_keys_filename)

The problem is that when paramiko loads the keys it just skips all the comments:
https://github.com/paramiko/paramiko/blob/33daa8e541cb91cdee01a085c368e1b388472e6a/paramiko/hostkeys.py#L98-L99

Please file a ticket there if you care: https://github.com/paramiko/paramiko or perhaps in this more active fork: https://github.com/ploxiln/paramiko-ng

In the meantime, you can avoid this issue entirely with: xpra --ssh=ssh.

[holgersson32644]

You're right, thanks for the detailed hints!

[holgersson32644]

I guess paramiko won't fix this, as there is already a five year old bug there :(

paramiko/paramiko#680