[openssh-commits] [openssh] 04/07: upstream: Check if host keys exist before adding them, and expand

git+noreply at mindrot.org git+noreply at mindrot.org
Mon Mar 30 18:51:35 AEDT 2026 

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 2ecfcc0aae651621535e345a1c23ff6d2a9593c9
Author: dtucker at openbsd.org <dtucker at openbsd.org>
AuthorDate: Mon Mar 23 09:53:52 2026 +0000

    upstream: Check if host keys exist before adding them, and expand
    
    on the warning about modifying the system config.
    
    OpenBSD-Regress-ID: 68038da909f9c992375b7665dab0331d6af426b7
---
 regress/hostbased.sh | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/regress/hostbased.sh b/regress/hostbased.sh
index 3798f8b83..4df600279 100644
--- a/regress/hostbased.sh
+++ b/regress/hostbased.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: hostbased.sh,v 1.6 2026/03/23 09:09:36 dtucker Exp $
+#	$OpenBSD: hostbased.sh,v 1.7 2026/03/23 09:53:52 dtucker Exp $
 #	Placed in the Public Domain.
 
 # This test requires external setup and thus is skipped unless
@@ -12,8 +12,8 @@
 #
 # Setting TEST_SSH_HOSTBASED_AUTH to the special value "setupandrun" will,
 # if run with SUDO, perform this setup and run the test.  Note that this will
-# modify the global config to enable HostbasedAuthentication and leave it
-# enabled, so do not do this on a system that matters.
+# MODIFY THE SYSTEM'S GLOBAL CONFIG to enable HostbasedAuthentication and
+# leave it enabled, so do not do this on a system that matters.
 #
 tid="hostbased"
 
@@ -32,8 +32,10 @@ elif [ "${TEST_SSH_HOSTBASED_AUTH}" = "setupandrun" ]; then
 		    $SUDO tee -a $sshconf/ssh_config >/dev/null
 	fi
 	for pubkey in $sshconf/ssh_host*key*.pub; do
-		echo `hostname` `cat $pubkey` | \
-		    $SUDO tee -a $knownhosts >/dev/null
+		line="`hostname` `cat $pubkey`"
+		if ! grep "$line" "$knownhosts" >/dev/null; then
+			echo "$line" | $SUDO tee -a $knownhosts >/dev/null
+		fi
 	done
 fi
 

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list