"ssh-keygen -R hostname" errors out with non-existent known_hosts

Damien Miller djm at mindrot.org
Wed Mar 24 19:34:01 AEDT 2021


On Wed, 24 Mar 2021, Nico Kadel-Garcia wrote:

> > Because known_hosts not existing is an abnormal condition for a tool
> > that is asked to modify known_hosts.
> 
> It's frequent in setups that don't generate known_hosts at all, due to
> IP and hostkey drift and poor local DNS which is startlingly common in
> small networks and dynamically generated clusters. It's also common in
> brand new docker environments or newly built host images, unless
> someone defines a procedure to build a .ssh/known_hosts file as part
> of creating the image. It also happens when people do "user -r" for a
> system account, and forget to use the "-m" option to create a home
> directory. Those accounts are going to have issues *generating* a
> known_hosts account, but I think it makes more sense to have that fail
> at a step that is supposed to create or update such an entry, not one
> that is supposed to delete entries.

Sure, but you're talking about known_hosts not existing being a common
situation but I never disputed this.

What's abnormal is running a tool to modify known_hosts when no such file
exists.

-d

