Damien Miller
2021-Mar-24 01:10 UTC
"ssh-keygen -R hostname" errors out with non-existent known_hosts
On Tue, 23 Mar 2021, Nico Kadel-Garcia wrote:> On Tue, Mar 23, 2021 at 7:01 PM Damien Miller <djm at mindrot.org> wrote: > > > > On Tue, 23 Mar 2021, Nico Kadel-Garcia wrote: > > > > > I've just run into what I consider a bug: If ~/.ssh/known_hosts does > > > not exist, and the account owner runs the command or their script > > > includes the command "ssh-keygen -R {hostname}", it reports an error > > > rather than reporting "oh, yes, the file was empty and therefore your > > > attempt to delete the hostname was unnecessary". > > > > > > If I want to delete a hostkey entry, and there is none to be found, > > > shouldn't that be considered a successful operation? > > > > I think the condition of known_hosts being absent is worth communicating. > > Maybe a different exit value for that case? > > Exit 0, please. An absent known_hosts file doesn't contain the entry > the "ssh-keygen -R hostname" entry is expected to remove, and the > result should be considered a success for the command.I certainly don't agree. "grep foo /nonexistent" or "sed -i s/foo/bar /nonexistent" don't return status 0 either for exactly the same reason. -d
Thorsten Glaser
2021-Mar-24 01:20 UTC
"ssh-keygen -R hostname" errors out with non-existent known_hosts
On Wed, 24 Mar 2021, Damien Miller wrote:> > Exit 0, please. An absent known_hosts file doesn't contain the entry > > the "ssh-keygen -R hostname" entry is expected to remove, and the > > result should be considered a success for the command.Agreed.> "grep foo /nonexistent" or "sed -i s/foo/bar /nonexistent" don't return > status 0 either for exactly the same reason.This is more of a ,g/entry/d than a /entry/d in ed(1) parlance. It?s a convenience command to remove an entry from the list of known hosts, whether it exists or not or the file doesn?t even exist; it should only fail when the job can?t be done (e.g. the file is write-protected). Think of it as 'rm -f known_hosts/entry' which won?t fail if known_hosts/ doesn?t exist. bye, //mirabilos -- ?MyISAM tables -will- get corrupted eventually. This is a fact of life. ? ?mysql is about as much database as ms access? ? ?MSSQL at least descends from a database? ?it's a rebranded SyBase? ?MySQL however was born from a flatfile and went downhill from there? ? ?at least jetDB doesn?t claim to be a database? (#nosec) ??? Please let MySQL and MariaDB finally die!