[Debian bug 781107] ssh-keygen -F return code has changed and is not documented
Matthew Vernon
matthew at debian.org
Thu Mar 26 01:32:34 AEDT 2015
On 24/03/15 22:53, Damien Miller wrote:
> On Tue, 24 Mar 2015, Matthew Vernon wrote:
>
>> Hi,
>>
>> I tripped over the effects of commit 660854 [0] when moving some
>> infrastructure from Debian 7 to 8 (openssh 6.0 to 6.7); our ansible
>> module used "return 0, but no output" for 'host not found in known_hosts
>> file', and now complains that ssh-keygen is returning an error status. I
>> don't think this change in API was announced in the release notes?
>>
>> i.e. ssh-keygen -F foo.invalid -f ~/.ssh/known_hosts used to return 0
>> (and no output), and now returns 1 (and no output).
>>
>> Is the non-zero return code really helpful here?
>
> Yes, it lets you tell whether the hostname is present in known_hosts.
Iff nothing else has gone wrong - ssh-keygen -F can return 1 in other
cases, as well. So you're still left with relying on an absence of
output, aren't you?
Regards,
Matthew
More information about the openssh-unix-dev
mailing list