Re: "ssh-keygen -R hostname" errors out with non-existent known_hosts

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 23.03.21 06:42, Nico Kadel-Garcia wrote:
> If I want to delete a hostkey entry, and there is none to be found,
> shouldn't that be considered a successful operation?

I can think of (easily more than) two scenarios where someone would want
to run such a command in the first place:

-- An admin performing cleanups on users' known_hosts file after a
server changed keypairs or got decommissioned, where not finding the old
pubkeys in some of the user configs would be expected and ignored

-- A user who has had strict hostkey checking block his login and tries
to fix the problem, where the command *failing* to (semi-)fix the
problem is something he definitely wants to know about

You can't have one and the same command do *both*.

If anything, the reaction of "ssh-keygen -R ..." to a missing
known_hosts file should be consistent with the outcome of it not finding
a matching key therein to delete (which is to output an error message
but still do an exit(0), apparently).

Regards,
-- 
Jochen Bern
Systemingenieur

Binect GmbH

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux