http://bugzilla.suse.com/show_bug.cgi?id=1006221 Bug ID: 1006221 Summary: command to remove outdated hostkey from known_hosts file wrong Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.2 Hardware: Other OS: Other Status: NEW Severity: Minor Priority: P5 - None Component: Basesystem Assignee: bnc-team-screening@forge.provo.novell.com Reporter: aspiers@suse.com QA Contact: qa-bugs@suse.de Found By: Development Blocker: --- When a host with a non-default port is in the ~/.ssh/known_hosts file then the suggested command to remove it does not work. For example, if known_hosts contains: [192.168.42.129]:2222 ssh-rsa .... then connecting with an outdated hostkey gives something like: Offending ECDSA key in /home/user/.ssh/known_hosts:440 You can use following command to remove all keys for this IP: ssh-keygen -R 192.168.42.129 -f /home/user/.ssh/known_hosts but that command doesn't do the right thing; it removes the entry for the hostkey on the default port 22, not on port 2222. The correct command to suggest would have been: ssh-keygen -R [192.168.42.129]:2222 -f /home/user/.ssh/known_hosts This is a resubmission of the upstream bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2169 which was rightly resolved as INVALID because the bug actually comes from a SUSE-specific patch: https://build.opensuse.org/package/view_file/openSUSE:Leap:42.2/openssh/open... The original source can be viewed here: https://github.com/openssh/openssh-portable/blob/00df97ff68a49a756d4b977cd02... -- You are receiving this mail because: You are on the CC list for the bug.