On Wed, 7 May 2014, Mattias Lindgren wrote: > Every once in a while I?ll rebuild a box in my environment, and the > ssh key will change. To clean up my known_hosts file to allow me to > re-insert the new entry, I will do ssh-keygen -R <ip>. This has the > unintended consequence of matching on the offending entry in the > known_hosts file *and* my cert-authority entry: > > $ ssh-keygen -R 10.50.3.149 > # Host 10.50.3.149 found: line 1 type RSA > # Host 10.50.3.149 found: line 512 type ECDSA > /Users/mlindgren/.ssh/known_hosts updated. > Original contents retained as /Users/mlindgren/.ssh/known_hosts.old > > Am I missing something fundamental here? No, that's a bug. Could you file it at https://bugzilla.mindrot.org/ ? -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev