| Bug ID | 1006221 |
|---|---|
| Summary | command to remove outdated hostkey from known_hosts file wrong |
| Classification | openSUSE |
| Product | openSUSE Distribution |
| Version | Leap 42.2 |
| Hardware | Other |
| OS | Other |
| Status | NEW |
| Severity | Minor |
| Priority | P5 - None |
| Component | Basesystem |
| Assignee | bnc-team-screening@forge.provo.novell.com |
| Reporter | aspiers@suse.com |
| QA Contact | qa-bugs@suse.de |
| Found By | Development |
| Blocker | --- |
When a host with a non-default port is in the ~/.ssh/known_hosts file then the suggested command to remove it does not work. For example, if known_hosts contains: [192.168.42.129]:2222 ssh-rsa .... then connecting with an outdated hostkey gives something like: Offending ECDSA key in /home/user/.ssh/known_hosts:440 You can use following command to remove all keys for this IP: ssh-keygen -R 192.168.42.129 -f /home/user/.ssh/known_hosts but that command doesn't do the right thing; it removes the entry for the hostkey on the default port 22, not on port 2222. The correct command to suggest would have been: ssh-keygen -R [192.168.42.129]:2222 -f /home/user/.ssh/known_hosts This is a resubmission of the upstream bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2169 which was rightly resolved as INVALID because the bug actually comes from a SUSE-specific patch: https://build.opensuse.org/package/view_file/openSUSE:Leap:42.2/openssh/openssh-7.2p2-host_ident.patch?expand=1 The original source can be viewed here: https://github.com/openssh/openssh-portable/blob/00df97ff68a49a756d4b977cd02283690f5dfa34/sshconnect.c#L1089