Displaying 20 results from an estimated 5000 matches similar to: "How to remove old entries from known_hosts?"
2024 Feb 14
1
How to remove old entries from known_hosts?
On 14/02/2024 11:42, Chris Green wrote:
> Is there any way to remove old entries from the known_hosts file? With
> the hashed 'names' one can't easily see which entries are which. I
> have around 150 lines in my known hosts but in reality I only ssh to a
> dozen or so systems. All the redundant ones are because I have a
> mixed population of Raspberry Pis and such on
2024 Feb 17
1
How to remove old entries from known_hosts?
Brian Candler wrote:
> Chris Green wrote:
> > ... redundant ones are because I have a mixed population of
> > Raspberry Pis and such on my LAN and they get rebuilt fairly
> > frequently and thus, each time, get a new entry in known_hosts.
> ...many useful tips...
> To disable host key checking altogether for certain domains and/or networks,
> you can put this in
2016 Apr 01
4
[Bug 2560] New: sshd: Description of hashed known_hosts file does not make sense and format is outdated
https://bugzilla.mindrot.org/show_bug.cgi?id=2560
Bug ID: 2560
Summary: sshd: Description of hashed known_hosts file does not
make sense and format is outdated
Product: Portable OpenSSH
Version: -current
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
2005 Apr 21
11
[Bug 910] known_hosts port numbers
http://bugzilla.mindrot.org/show_bug.cgi?id=910
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |foomzilla at fuhm.net
------- Additional Comments From djm at mindrot.org 2005-04-21 18:16 -------
*** Bug 454 has been marked as a
2020 Sep 29
12
Human readable .ssh/known_hosts?
Hi list members,
just tried to get some old records out of my known_hosts, which is 'HashKnownHosts yes'. Is there a way to unhash host names and/or IPs?
Google tells about, how to add hosts, but not the opposite, may be I miss some thing.
Is this does not work at all, is there a best practice for cleaning old hosts and keys out?
Thanks, Martin!
--
Martin
GnuPG Key Fingerprint, KeyID
2005 May 18
3
known_hosts vulnerability?
Hey all,
I came across a security news article, referenced by
http://www.linux.org/news, at
http://www.techworld.com/security/news/index.cfm?NewsID=3668
talking about an SSH weakness involving the known_hosts file. I
apologize if this issue has already been addressed, but the mailing list
archives didn't turn up anything when i tried searching for something
relevant. So; not to knee-jerk or
2020 Oct 04
2
UpdateHostkeys now enabled by default
On Sun, Oct 04, 2020 at 09:24:12PM +1100, Damien Miller wrote:
> On Sun, 4 Oct 2020, Damien Miller wrote:
>
> > No - I think you've stumbled on a corner case I hadn't anticipated.
> > Does your configuration override CheckHostIP at all?
No.
> >
> > What are the known_hosts entries for the hostname and IP?
>
> Also, do you use HashKnownHosts? or do
2020 Oct 04
2
UpdateHostkeys now enabled by default
On Sun, 4 Oct 2020, Matthieu Herrb wrote:
> Hi,
>
> on OpenBSD-current I now get this when connecting to an existing
> machine for which I have both ecdsa an ed25519 keys in my existing
> known_hosts (but apparently ed25519 keys where added only for the name
> previsously by ssh):
>
> Warning: the ED25519 host key for 'freedom' differs from the key for
> the
2017 Jan 28
3
known_hosts question for Ubuntu Server 14.04 and 16.04 LTS
Hello & thanks for reading.
I'm having a problem configuring known_hosts from scripts so an accept
key yes/no prompt doesn't appear.
I'm using this command to detect if the server is known and add it to
known_hosts:
if ! ssh-keygen -F ${IP_ADDR} -f ~/.ssh/known_hosts > /dev/null 2>&1; t
hen ssh-keyscan -p ${PORT} ${IP_ADDR} >> ~/.ssh/known_hosts; fi
This works
2023 Aug 18
1
Host key verification (known_hosts) with ProxyJump/ProxyCommand
Hi all,
I noticed a bit of an odd issue with maintaining `known_hosts` when the
target machine is behind a bastion using `ProxyJump` or `ProxyCommand`
with host key clashes.
Client for me right now is OpenSSH_9.3p1 on Gentoo Linux/AMD64. I'm a
member of a team, and most of us use Ubuntu (yes, I'm a rebel). Another
team who actually maintain this fleet often access the same machines
2012 Nov 16
1
xmlParseDoc parser errors
Hi,
I have some XML files that have a processing instruction directly
after the XML declaration
when I do
kgroup.reading <- character(0)
for (file in file_list){kgroup.reading <-
xmlParseDoc(file.path("c:","projects","respositories","dk","004",file))}
I get the error
file name :1: parser error : Start tag expected, '<' not found
2020 Nov 07
3
upsd "events"
Hello,
I'm quite new to NUT, currently setting it up on a few machines in my home
lab because I switched from an APC UPS to a CyberPower unit. This is
running in a home lab, and I'm trying to implement some apparently unusual
logic around load-shedding. I'm strongly considering writing my own custom
script to replace upsmon in order to achieve the desired result.
I see a lot of
2016 Dec 09
2
HashKnownHosts vs @cert-authority
Hi folks,
maybe I am too blind to see, but would it be possible to
avoid extra entries in known_hosts, if the remote host
has a signed public key matching a @cert-authority line?
Something like
Host *
HashKnownHosts unsigned
This could help to keep the known_hosts file small and
yet get all the unsigned public keys in.
Just a suggestion, of course. Regards
Harri
2020 Nov 07
1
upsd "events"
On Sat, Nov 7, 2020 at 1:27 PM Charles Lepple <clepple at gmail.com> wrote:
> On Nov 7, 2020, at 11:18 AM, Jason Antman <jason at jasonantman.com> wrote:
>
>
> Hello,
>
> I'm quite new to NUT, currently setting it up on a few machines in my home
> lab because I switched from an APC UPS to a CyberPower unit. This is
> running in a home lab, and I'm
2010 Aug 20
1
[Feature Request] delete defined line in known_hosts file
Hi,
for a test lab, I'm trying to write a small shell script that will
eradicate all information regarding a special host from the
known_hosts file. Unfortunately, it is quite non-trivial to find out
what ssh doesn't like with a host.
ssh says which line in known_hosts has the offending key, but
ssh-keygen -R doesn't take a line number. Am I using an undocumented
interface when I
2005 Dec 10
2
known_hosts and multiple hosts through a NAT router
The .ssh/known_hosts table cannot handle reaching different sshd
servers behind a NAT router. The machines are selected by having
the SSHDs respond to differnt ports.
A second request would be to allow known_hosts checking solely on
the dns name, wildcarding the IP address. This would be useful
to avoid continuously warning the user every time you connect
to a machine with a changing IP address
2020 Oct 04
3
UpdateHostkeys now enabled by default
On Sun, Oct 04, 2020 at 10:50:32PM +1100, Damien Miller wrote:
> On Sun, 4 Oct 2020, Matthieu Herrb wrote:
>
> > On Sun, Oct 04, 2020 at 09:24:12PM +1100, Damien Miller wrote:
> > > On Sun, 4 Oct 2020, Damien Miller wrote:
> > >
> > > > No - I think you've stumbled on a corner case I hadn't anticipated.
> > > > Does your configuration
2020 Sep 30
3
Human readable .ssh/known_hosts?
On Tue, 29 Sep 2020 at 23:16, Nico Kadel-Garcia <nkadel at gmail.com> wrote:
[...]
> I gave up on $HOME/.ssh/known_hosts a *long* time ago, because if
> servers are DHCP distributed without static IP addresses they can wind
> up overlapping IP addresses with mismatched hostkeys
You can set CheckHostIP=no in your config. As long as the names don't
change it'll do what you
2003 Dec 18
2
known_hosts, IP, and port revisited
I dug through the list archives to see if this had come up before, and I
see that a bug <http://bugzilla.mindrot.org/show_bug.cgi?id=393> was
submitted and subsequently closed (basically rejected) in 2002.
The basic issue, for those of you who don't feel like following the bug
URL, is that when one has ssh servers behind a NAT, each of which responds
to a different port on the NAT IP,
2013 May 14
2
[Bug 1993] ssh tries to add keys to ~/.ssh/known_hosts though StrictHostKeyChecking yes is set
https://bugzilla.mindrot.org/show_bug.cgi?id=1993
alex at testcore.net changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |alex at testcore.net
Version|5.9p1 |6.2p1
--- Comment #1 from alex at testcore.net ---
Also