similar to: [Debian bug 781107] ssh-keygen -F return code has changed and is not documented

I have confirmed this behavior from OpenSSH 6.6 in OS X (from MacPorts) and 6.6 in Ubuntu. I have set up a SSH Certificate authority, and as such I put in the following line at the top of my known_hosts file @cert-authority *.mydomain.com ssh-rsa <public key> Below this are all my hashed entries for various other hosts that I?ve contacted over the years. Every once in a while I?ll

Since ssh-keygen is not listing the _types_ of keys I have in my file, wouldn't it be a good idea to make the -t switch filtering out the selected type of key when doing a listing with -l? i.e. in this case I see both rsa1, rsa, and dss keys: $ ssh-keygen -l -f ~/.ssh/known_hosts 1024 a9:4f:0b:b6:33:d7:d0:ad:6a:11:b4:57:25:7e:1e:f8 fluff.x42.com 1024

https://bugzilla.mindrot.org/show_bug.cgi?id=2591 Bug ID: 2591 Summary: ssh-keygen -R is case-sensitive, but should not be Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: minor Priority: P5 Component: ssh-keygen Assignee: unassigned-bugs

https://bugzilla.mindrot.org/show_bug.cgi?id=2145 Bug ID: 2145 Summary: ssh-keygen -R doesn't work when there are entries for "proxycommand" keys Product: Portable OpenSSH Version: 6.2p1 Hardware: Other OS: Linux Status: NEW Severity: trivial Priority: P5

Scenario: Use the ssh-keygen utility in openssh-1.2pre17 to generate a host key Kill and restart sshd Remove the old host key from ~/.ssh/known_hosts Connect to the host using ssh. I get this: homer.ka9q.ampr.org$ ssh 199.106.106.3 who The authenticity of host '199.106.106.3' can't be established. Key fingerprint is 1024 a0:8d:17:f0:fa:a9:9f:6f:b5:d0:1c:d6:02:92:bd:5e. Are you sure

https://bugzilla.mindrot.org/show_bug.cgi?id=1544 Summary: ssh-keygen -l on known_hosts file does not display hostnames for lines with comments Product: Portable OpenSSH Version: 5.1p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh-keygen

http://bugzilla.mindrot.org/show_bug.cgi?id=780 Summary: ssh host-key hash should match ssh-add/ssh-keygen hash Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo: openssh-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=3083 Bug ID: 3083 Summary: Passing tilde (HOME) in file option results in cryptic error Product: Portable OpenSSH Version: 8.1p1 Hardware: ix86 OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh-keygen

Hi, I have recently taken over as Debian maintainer for ssh. This means you're going to be getting lots of mail from me in the near future :-) I'm aiming to be a little more active than the last maintainer, but the Debian packages were really out of date, so I've quite a lot of work (and probably some old bugs) to deal with. Anyhow, onto the first question. ssh these days uses

http://bugzilla.mindrot.org/show_bug.cgi?id=1319 Summary: ssh-keygen does not properly handle multiple keys Product: Portable OpenSSH Version: 4.5p1 Platform: Other OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh-keygen AssignedTo: bitbucket at mindrot.org

Hello & thanks for reading. I'm having a problem configuring known_hosts from scripts so an accept key yes/no prompt doesn't appear. I'm using this command to detect if the server is known and add it to known_hosts: if ! ssh-keygen -F ${IP_ADDR} -f ~/.ssh/known_hosts > /dev/null 2>&1; t hen ssh-keyscan -p ${PORT} ${IP_ADDR} >> ~/.ssh/known_hosts; fi This works

https://bugzilla.mindrot.org/show_bug.cgi?id=2285 Bug ID: 2285 Summary: Say NOT updated instead of updated Product: Portable OpenSSH Version: 6.6p1 Hardware: Other URL: http://bugs.debian.org/764269 OS: Linux Status: NEW Severity: trivial Priority: P5 Component:

https://bugzilla.mindrot.org/show_bug.cgi?id=1545 Summary: ssh-keygen -R removes all comments from known_hosts file Product: Portable OpenSSH Version: 5.1p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh-keygen AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=3226 Bug ID: 3226 Summary: Feature request: Prempt fingerprint prompt when connecting to new server Product: Portable OpenSSH Version: 8.4p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component:

Hi, for a test lab, I'm trying to write a small shell script that will eradicate all information regarding a special host from the known_hosts file. Unfortunately, it is quite non-trivial to find out what ssh doesn't like with a host. ssh says which line in known_hosts has the offending key, but ssh-keygen -R doesn't take a line number. Am I using an undocumented interface when I

Hi list members, just tried to get some old records out of my known_hosts, which is 'HashKnownHosts yes'. Is there a way to unhash host names and/or IPs? Google tells about, how to add hosts, but not the opposite, may be I miss some thing. Is this does not work at all, is there a best practice for cleaning old hosts and keys out? Thanks, Martin! -- Martin GnuPG Key Fingerprint, KeyID

https://bugzilla.mindrot.org/show_bug.cgi?id=2241 Bug ID: 2241 Summary: ssh-keygen -R removes matching key as well as @cert-authority Product: Portable OpenSSH Version: 6.6p1 Hardware: amd64 OS: Mac OS X Status: NEW Severity: minor Priority: P5 Component: ssh-keygen

I use: ssh-keygen -t rsa to generate a key file (id_rsa.pub) which I copy into authorized_keys2 on other machines in order to permit ssh to these machines without being asked for a password. The thing is that I have dual boot on this machine: one for fedora and one for ubuntu. The two key files which were generated on these machine are different. Is there a way so that I will have the same key

https://bugzilla.mindrot.org/show_bug.cgi?id=3146 Bug ID: 3146 Summary: ssh-keygen -R changes permissions on existing file Product: Portable OpenSSH Version: 7.9p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh-keygen Assignee:

https://bugzilla.mindrot.org/show_bug.cgi?id=1449 Summary: ssh does not give option to trust on changed keys Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All