[Bug 2145] New: ssh-keygen -R doesn't work when there are entries for "proxycommand" keys
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Thu Aug 29 06:29:31 EST 2013
https://bugzilla.mindrot.org/show_bug.cgi?id=2145
Bug ID: 2145
Summary: ssh-keygen -R doesn't work when there are entries for
"proxycommand" keys
Product: Portable OpenSSH
Version: 6.2p1
Hardware: Other
OS: Linux
Status: NEW
Severity: trivial
Priority: P5
Component: ssh-keygen
Assignee: unassigned-bugs at mindrot.org
Reporter: hugh at davenport.net.nz
I can't seem to reproduce the same style entry, but below is snippets
that should show what is wrong.
Basically the gist is that example.com is in known hosts, and is a hop
point for a proxycommand for foo.example.com which has a explicit
hostname of an ip address. I tried to recreate it, but my current
version of ssh automatically puts the hashed host entry, not the ip,<no
hostip...> entry. They probably came from an earlier version of ssh.
$ ssh-keygen -f "/home/hdavenport/.ssh/known_hosts" -R example.com
# Host example.com found: line 1 type RSA
line 2 invalid key: 192.168.x.x,<no...
/home/hdavenport/.ssh/known_hosts is not a valid known_hosts file.
Not replacing existing known_hosts file because of errors
$ cat /home/hdavenport/.ssh/known_hosts
|1|hosthash ssh-rsa keyhash
192.168.x.x,<no hostip for proxy command> ssh-rsa keyhash
$ cat /home/hdavenport/.ssh/config
host foo.example.com
proxycommand ssh -q example.com nc -q0 %h %p
hostname 192.168.x.x
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list