[Debian bug 781107] ssh-keygen -F return code has changed and is not documented
Damien Miller
djm at mindrot.org
Wed Mar 25 09:53:54 AEDT 2015
On Tue, 24 Mar 2015, Matthew Vernon wrote:
> Hi,
>
> I tripped over the effects of commit 660854 [0] when moving some
> infrastructure from Debian 7 to 8 (openssh 6.0 to 6.7); our ansible
> module used "return 0, but no output" for 'host not found in known_hosts
> file', and now complains that ssh-keygen is returning an error status. I
> don't think this change in API was announced in the release notes?
>
> i.e. ssh-keygen -F foo.invalid -f ~/.ssh/known_hosts used to return 0
> (and no output), and now returns 1 (and no output).
>
> Is the non-zero return code really helpful here?
Yes, it lets you tell whether the hostname is present in known_hosts.
> Less controversially, could the return values of ssh-keygen and their
> meanings be documented (and flagged when they change), please?
Sure, someone has to do the work though.
-d
More information about the openssh-unix-dev
mailing list