Bug 2772

Summary: ssh-keygen invoked with options -H -F always returns 1
Product: Portable OpenSSH
Reporter: Anton Kremenetsky <akremenetsky>
Component: ssh-keygen
Assignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED
Severity: normal
CC: djm
Priority: P5
Version: 7.5p1
Hardware: amd64
OS: Linux
Bug Depends on:
Bug Blocks: 2852
Attachments:
  ssh-keygen find hash modes exit code patch (Flags: none)

Description Anton Kremenetsky 2017-08-29 23:11:10 AEST
Created attachment 3043
ssh-keygen find hash modes exit code patch

The ssh-keygen utility invoked with options -H -F always returns 1 even though a host was found. To reproduce the bug, use the latest version of ssh-keygen. I tested it on Ubuntu (Ubuntu 16.04.2 LTS) with version 1:7.2p2-4ubuntu2.2, or clone it from the GitHub repo (master branch) and build it manually.

ssh-keygen -f ~/.ssh/known_hosts -H -F <HOST> ; echo $?

The exit code will be 1 for known and unknown hosts.

I think a reason is that the ctx.found_key field is not set to 1. https://github.com/openssh/openssh-portable/blob/master/ssh-keygen.c#L1324

The field can be set only in the function known_hosts_find_delete https://github.com/openssh/openssh-portable/blob/master/ssh-keygen.c#L1174 but if the hash_mode is specified, the function is not used. https://github.com/openssh/openssh-portable/blob/master/ssh-keygen.c#L1277

Although it contains logic for the hash mode https://github.com/openssh/openssh-portable/blob/master/ssh-keygen.c#L1209

Please consider my patch to fix this issue. The patch is in the attachment.

Comment 1 Damien Miller 2018-06-01 13:52:42 AEST
Thanks for the report, patch and especially for writing a regression test to go with them. These have been committed (with a couple of tweaks) and will be in OpenSSH 7.8.

Comment 2 Damien Miller 2018-10-19 17:17:30 AEDT
Close RESOLVED bugs with the release of openssh-8.0
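
Added example, not part of the bug report or of OpenSSH: scripts that branch on the exit status of "ssh-keygen -H -F" get 1 for every host on affected builds, so this sketch performs the known_hosts lookup itself and returns a dependable 0/1 status. It matches plain names and hashed "|1|salt|hash" entries (HMAC-SHA1 of the host name keyed with the salt). The function names and sample data are constructed for illustration; wildcard patterns, [host]:port forms and "@" marker lines are not handled.

```python
import base64
import hashlib
import hmac


def _mac(salt, host):
    # Hashed known_hosts names are HMAC-SHA1(key=salt, msg=hostname).
    return hmac.new(salt, host.encode(), hashlib.sha1).digest()


def hash_host(host, salt):
    """Build a hashed first field, used here only to construct sample data."""
    return "|1|%s|%s" % (base64.b64encode(salt).decode(),
                         base64.b64encode(_mac(salt, host)).decode())


def host_matches(field, host):
    """True if the first known_hosts field names `host` (plain or hashed)."""
    if field.startswith("|1|"):
        try:
            _, _, salt_b64, mac_b64 = field.split("|")
            salt = base64.b64decode(salt_b64, validate=True)
            mac = base64.b64decode(mac_b64, validate=True)
        except ValueError:
            return False  # malformed hashed field
        return hmac.compare_digest(_mac(salt, host), mac)
    return host in field.split(",")  # plain entry: comma-separated names


def find_host(known_hosts_text, host):
    """Return every ordinary entry line whose first field names `host`."""
    hits = []
    for line in known_hosts_text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "@")):
            continue  # skip blanks, comments and marker lines
        if host_matches(line.split()[0], host):
            hits.append(line)
    return hits


def exit_code(known_hosts_text, host):
    """0 when the host is present, 1 when it is not."""
    return 0 if find_host(known_hosts_text, host) else 1


# Constructed sample; the key blobs are placeholders, not real keys.
SAMPLE = "\n".join([
    hash_host("server.example", b"\x01" * 20) + " ssh-ed25519 AAAAPLACEHOLDER",
    "plain.example,192.0.2.10 ssh-ed25519 AAAAPLACEHOLDER",
])
```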