Nico Kadel-Garcia
2021-Mar-23 05:42 UTC
"ssh-keygen -R hostname" errors out with non-existent known_hosts
I've just run into what I consider a bug: If ~/.ssh/known_hosts does not exist, and the account owner runs the command or their script includes the command "ssh-keygen -R {hostname}", it reports an error rather than reporting "oh, yes, the file was empty and therefore your attempt to delete the hostname was unnecessary". If I want to delete a hostkey entry, and there is none to be found, shouldn't that be considered a successful operation?
Damien Miller
2021-Mar-23 23:01 UTC
"ssh-keygen -R hostname" errors out with non-existent known_hosts
On Tue, 23 Mar 2021, Nico Kadel-Garcia wrote:

> I've just run into what I consider a bug: If ~/.ssh/known_hosts does
> not exist, and the account owner runs the command or their script
> includes the command "ssh-keygen -R {hostname}", it reports an error
> rather than reporting "oh, yes, the file was empty and therefore your
> attempt to delete the hostname was unnecessary".
>
> If I want to delete a hostkey entry, and there is none to be found,
> shouldn't that be considered a successful operation?

I think the condition of known_hosts being absent is worth communicating. Maybe a different exit value for that case?

diff --git a/ssh-keygen.c b/ssh-keygen.c index a442dc8e..3f603163 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1305,8 +1305,14 @@ do_known_hosts(struct passwd *pw, const char *name, int find_host, free(cp); have_identity = 1; } - if (stat(identity_file, &sb) != 0) - fatal("Cannot stat %s: %s", identity_file, strerror(errno)); + if (stat(identity_file, &sb) != 0) { + if (errno != ENOENT) { + fatal("Cannot stat %s: %s", identity_file, + strerror(errno)); + } + logit("Hosts file %s does not exist", identity_file); + cleanup_exit(1); + } memset(&ctx, 0, sizeof(ctx)); ctx.out = stdout;
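Review bot: the new exit status needs documenting, and the check is wider than the -R case the thread is about. The stat() test sits at the top of do_known_hosts() before any mode-specific logic (the hunk header shows the find_host parameter), so -F and -H callers also get "Hosts file %s does not exist" and cleanup_exit(1) where they previously hit fatal(); the ssh-keygen(1) EXIT STATUS text and the commit message should say that a missing known_hosts is now status 1 while every other stat() failure stays fatal, since the motivating case is scripts running ssh-keygen -R under set -e, which will now abort on that status instead of on a fatal. The message could also name the file the way the manual does ("known_hosts file %s does not exist") so users searching for it find the right section.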
Jochen Bern
2021-Mar-24 09:45 UTC
"ssh-keygen -R hostname" errors out with non-existent known_hosts
On 23.03.21 06:42, Nico Kadel-Garcia wrote:

> If I want to delete a hostkey entry, and there is none to be found,
> shouldn't that be considered a successful operation?

I can think of (easily more than) two scenarios where someone would want to run such a command in the first place:

-- An admin performing cleanups on users' known_hosts file after a server changed keypairs or got decommissioned, where not finding the old pubkeys in some of the user configs would be expected and ignored

-- A user who has had strict hostkey checking block his login and tries to fix the problem, where the command *failing* to (semi-)fix the problem is something he definitely wants to know about

You can't have one and the same command do *both*. If anything, the reaction of "ssh-keygen -R ..." to a missing known_hosts file should be consistent with the outcome of it not finding a matching key therein to delete (which is to output an error message but still do an exit(0), apparently).

Regards,
--
Jochen Bern
Systemingenieur

Binect GmbH
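The three outcomes the thread distinguishes (known_hosts absent, entry absent, entry removed) made concrete, as an added example that is not part of the original thread and not OpenSSH code: a small Python stand-in for `ssh-keygen -R` that parses a known_hosts file, matches hashed `|1|salt|hash` names by recomputing the HMAC-SHA1 over the hostname, and returns a distinct result for each case instead of a single exit value. The file path, host names, salt and key string are constructed for the demo; wildcard host patterns and the `known_hosts.old` backup the real tool keeps are deliberately omitted.

```python
"""Added example (not OpenSSH code): tri-state known_hosts entry removal."""
import base64
import hashlib
import hmac
import os
import tempfile
from typing import Dict, Tuple

MISSING, NOT_FOUND, REMOVED = "missing", "not-found", "removed"


def _host_matches(pattern: str, host: str) -> bool:
    """Compare one hostname pattern from the first known_hosts field with host."""
    if pattern.startswith("|1|"):
        # Hashed form: |1|base64(salt)|base64(HMAC-SHA1(key=salt, msg=hostname))
        try:
            _, _, salt_b64, hash_b64 = pattern.split("|", 3)
            salt = base64.b64decode(salt_b64, validate=True)
            want = base64.b64decode(hash_b64, validate=True)
        except ValueError:
            return False  # malformed hashed entry never matches
        got = hmac.new(salt, host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(got, want)
    return pattern.lower() == host.lower()  # plain names: case-insensitive


def _line_matches(line: str, host: str) -> bool:
    """True if a known_hosts line carries a key for host (comments never match)."""
    fields = line.split()
    if not fields or fields[0].startswith("#"):
        return False
    if fields[0].startswith("@"):  # @cert-authority / @revoked marker
        fields = fields[1:]
    if len(fields) < 3:  # need hostnames, key type, base64 key
        return False
    return any(_host_matches(p, host) for p in fields[0].split(","))


def remove_known_host(path: str, host: str) -> Tuple[str, int]:
    """Delete every line for host; return (outcome, number of lines removed).

    A missing file is reported as MISSING rather than raised, so the caller
    decides whether that means "nothing to do" (cleanup script) or "the fix
    did not happen" (user unblocking a login).
    """
    if not os.path.exists(path):
        return MISSING, 0
    with open(path, encoding="utf-8") as f:
        lines = f.readlines()
    kept = [ln for ln in lines if not _line_matches(ln, host)]
    removed = len(lines) - len(kept)
    if removed == 0:
        return NOT_FOUND, 0
    tmp = path + ".tmp"  # write-then-rename so a crash cannot truncate the file
    with open(tmp, "w", encoding="utf-8") as f:
        f.writelines(kept)
    os.chmod(tmp, 0o600)
    os.replace(tmp, path)
    return REMOVED, removed


def hashed_entry(host: str, salt: bytes, keytype: str, key_b64: str) -> str:
    """Build a hashed line in the |1|salt|hash form that ssh-keygen -H writes."""
    digest = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s %s %s\n" % (
        base64.b64encode(salt).decode(),
        base64.b64encode(digest).decode(),
        keytype,
        key_b64,
    )


def demo() -> Dict[str, object]:
    """Run the scenarios from the thread against a constructed known_hosts."""
    fake_key = "AAAAC3NzaC1lZDI1NTE5AAAAIENvbnN0cnVjdGVkRXhhbXBsZUtleU5vdFJlYWw"  # constructed
    salt = b"constructed-salt-20B"  # constructed 20-byte salt, the size ssh-keygen -H uses
    results: Dict[str, object] = {}
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "known_hosts")
        # 1. No file at all (the case in the first message).
        results["absent"] = remove_known_host(path, "old-server.example")
        with open(path, "w", encoding="utf-8") as f:
            f.write("# constructed sample known_hosts\n")
            f.write("old-server.example,192.0.2.10 ssh-ed25519 %s\n" % fake_key)
            f.write("[bastion.example]:2222 ssh-ed25519 %s\n" % fake_key)
            f.write(hashed_entry("hidden.example", salt, "ssh-ed25519", fake_key))
            f.write("@revoked old-server.example ssh-rsa %s\n" % fake_key)
        # 2. Plain entry plus an @revoked line for the same host: two lines go.
        results["plain"] = remove_known_host(path, "OLD-SERVER.example")
        # 3. Hashed entry: found by recomputing the HMAC, not by string compare.
        results["hashed"] = remove_known_host(path, "hidden.example")
        # 4. Already gone: distinguishable from the missing-file case above.
        results["gone"] = remove_known_host(path, "old-server.example")
        with open(path, encoding="utf-8") as f:
            results["remaining"] = [
                ln.split()[0] for ln in f if ln.strip() and not ln.startswith("#")
            ]
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Running the file prints the four outcomes in order: a cleanup script of the kind described above treats "missing" and "not-found" as nothing to do, while an interactive fixer treats either as a sign that the blocking entry was not removed.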