On 23.03.21 06:42, Nico Kadel-Garcia wrote:
> If I want to delete a hostkey entry, and there is none to be found,
> shouldn't that be considered a successful operation?

I can think of (easily more than) two scenarios where someone would want
to run such a command in the first place:

-- An admin performing cleanups on users' known_hosts file after a server
   changed keypairs or got decommissioned, where not finding the old
   pubkeys in some of the user configs would be expected and ignored
-- A user who has had strict hostkey checking block his login and tries
   to fix the problem, where the command *failing* to (semi-)fix the
   problem is something he definitely wants to know about

You can't have one and the same command do *both*. If anything, the
reaction of "ssh-keygen -R ..." to a missing known_hosts file should be
consistent with the outcome of it not finding a matching key therein to
delete (which is to output an error message but still do an exit(0),
apparently).

Regards,
-- 
Jochen Bern
Systemingenieur

Binect GmbH
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
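The two scenarios in the message above can each get their own exit policy from a wrapper around `ssh-keygen`; this is an added example, not part of the original post and not OpenSSH code. The function name `remove_hostkey`, its `cleanup`/`strict` modes and its return codes are assumptions made for illustration.

```shell
#!/bin/sh
# remove_hostkey MODE HOST [FILE]   (hypothetical helper, not part of OpenSSH)
#   MODE=cleanup : admin sweep; "nothing to delete" counts as success
#   MODE=strict  : user fixing a blocked login; "nothing to delete" is a failure
# Return codes (chosen for this example):
#   0 entry removed, or nothing to do in cleanup mode
#   1 no matching entry   2 known_hosts file missing
#   3 ssh-keygen -R failed   64 usage error
remove_hostkey() {
    mode=$1
    host=$2
    file=${3:-$HOME/.ssh/known_hosts}

    case $mode in
        cleanup|strict) ;;
        *) echo "usage: remove_hostkey cleanup|strict HOST [FILE]" >&2; return 64 ;;
    esac
    [ -n "$host" ] || { echo "remove_hostkey: missing HOST" >&2; return 64; }

    # A missing file and a missing entry are handled the same way per mode,
    # so the two "nothing there" outcomes stay consistent with each other.
    if [ ! -f "$file" ]; then
        [ "$mode" = cleanup ] && return 0
        echo "remove_hostkey: $file does not exist" >&2
        return 2
    fi

    # ssh-keygen -F exits non-zero when no entry matches (hashed names included).
    if ! ssh-keygen -F "$host" -f "$file" >/dev/null 2>&1; then
        [ "$mode" = cleanup ] && return 0
        echo "remove_hostkey: no entry for $host in $file" >&2
        return 1
    fi

    # An entry exists: delete it, and report a real failure in either mode.
    ssh-keygen -R "$host" -f "$file" >/dev/null 2>&1 || return 3
    return 0
}
```

An admin sweep would call `remove_hostkey cleanup HOST FILE` per user file and ignore nothing but real failures, while a user-facing script would call `remove_hostkey strict HOST` and surface any non-zero status.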