Re: "ssh-keygen -R hostname" errors out with non-existent known_hosts

On Wed, 24 Mar 2021, Nico Kadel-Garcia wrote:

> > Because known_hosts not existing is an abnormal condition for a tool
> > that is asked to modify known_hosts.
> 
> It's frequent in setups that don't generate known_hosts at all, due to
> IP and hostkey drift and poor local DNS which is startlingly common in
> small networks and dynamically generated clusters. It's also common in
> brand new docker environments or newly built host images, unless
> someone defines a procedure to build a .ssh/known_hosts file as part
> of creating the image. It also happens when people do "user -r" for a
> system account, and forget to use the "-m" option to create a home
> directory. Those accounts are going to have issues *generating* a
> known_hosts account, but I think it makes more sense to have that fail
> at a step that is supposed to create or update such an entry, not one
> that is supposed to delete entries.

Sure, but you're talking about known_hosts not existing being a common
situation but I never disputed this.

What's abnormal is running a tool to modify known_hosts when no such file
exists.

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


