Bug 1545

Summary: ssh-keygen -R removes all comments from known_hosts file
Product: Portable OpenSSH
Reporter: Jameson Rollins <ssh-bugzilla>
Component: ssh-keygen
Assignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED
Severity: normal
CC: djm, dkg, ssh-bugzilla
Priority: P2    
Version: 5.1p1   
Hardware: Other   
OS: Linux   
Bug Depends on:    
Bug Blocks: 2266    
Attachments:
Description: example output of ssh-keygen -R that removes all comments; Flags: none
Description: bz1545.diff; Flags: none
Description: patch against 6.2; Flags: none

Description Jameson Rollins 2008-12-19 03:59:23 AEDT
ssh-keygen -R is currently removing *all* comments from the known_hosts
file it's processing.  Below is an example of ssh-keygen -R being run
on a test known_hosts file.  An attachment is included that demonstrates the problem in action.

Notice that the first invocation is to remove example1.server.net from the
file, but the comment on example2.server.net is removed in the
process as well.  The same problem occurs when no host is removed from the file at all.

In both cases an attempt was made to remove a host *other* than
example2.server.net, but the net result was that *all* comments were
removed from the file.

Thanks for the help.
Comment 1 Jameson Rollins 2008-12-19 04:00:10 AEDT
Created attachment 1589 [details]
example output of ssh-keygen -R that removes all comments
Comment 2 Damien Miller 2009-01-21 21:54:57 AEDT
See also bug #1544
Comment 3 Damien Miller 2010-08-03 15:40:45 AEST
We are freezing for the OpenSSH 5.6 release. Retargeting these bugs to the next release.
Comment 4 Damien Miller 2010-08-03 15:42:19 AEST
Targeting OpenSSH 5.7
Comment 5 Damien Miller 2011-01-24 12:30:46 AEDT
Retarget unclosed bugs from 5.7=>5.8
Comment 6 Damien Miller 2011-09-06 10:34:10 AEST
Retarget unresolved bugs/features to 6.0 release
Comment 7 Damien Miller 2011-09-06 10:36:25 AEST
Retarget unresolved bugs/features to 6.0 release
Comment 8 Damien Miller 2011-09-06 10:38:58 AEST
Retarget unresolved bugs/features to 6.0 release

(try again - bugzilla's "change several" isn't)
Comment 9 Damien Miller 2011-11-04 11:34:06 AEDT
Created attachment 2103 [details]
bz1545.diff

retain comments in known_hosts when hashing/deleting entries
Comment 10 Damien Miller 2012-02-24 10:34:18 AEDT
Retarget from 6.0 to 6.1
Comment 11 Damien Miller 2012-02-24 10:37:56 AEDT
Retarget 6.0 => 6.1
Comment 12 Damien Miller 2012-09-07 11:37:41 AEST
Retarget uncompleted bugs from 6.1 => 6.2
Comment 13 Damien Miller 2012-09-07 11:40:09 AEST
Retarget bugs from 6.1 => 6.2
Comment 14 Damien Miller 2013-03-08 10:23:17 AEDT
retarget to openssh-6.3
Comment 15 Daniel Kahn Gillmor 2013-05-17 02:33:31 AEST
Looks like there is a patch for this that has been available since a few upstream versions.  What's keeping the patch from being adopted?

This is a user data loss issue :/
Comment 16 Daniel Kahn Gillmor 2013-05-17 03:08:01 AEST
Created attachment 2272 [details]
patch against 6.2

I've updated the patch so that it applies against 6.2p1
Comment 17 Damien Miller 2013-07-25 12:17:19 AEST
Retarget to openssh-6.4
Comment 18 Damien Miller 2013-07-25 12:20:12 AEST
Retarget 6.3 -> 6.4
Comment 19 Damien Miller 2014-02-06 10:17:32 AEDT
Retarget incomplete bugs / feature requests to 6.6 release
Comment 20 Damien Miller 2014-02-06 10:19:21 AEDT
Retarget incomplete bugs / feature requests to 6.6 release
Comment 21 Damien Miller 2014-04-12 14:49:23 AEST
Retarget to 6.7 release, since 6.6 was mostly bugfixing.
Comment 22 Damien Miller 2014-04-12 14:54:41 AEST
Remove from 6.6 tracking bug
Comment 23 Damien Miller 2014-08-30 04:38:54 AEST
Retarget incomplete bugs to 6.8 release.
Comment 24 Damien Miller 2014-08-30 04:39:47 AEST
These bugs are no longer targeted at the imminent 6.7 release
Comment 25 Damien Miller 2015-01-21 12:37:03 AEDT
I just committed a big refactoring of known_hosts processing that should fix this.
Comment 26 Damien Miller 2015-03-18 18:16:53 AEDT
openssh-6.8 is released
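
The behaviour requested in this report (delete one host's entries, leave every comment alone), as an added Python example that is not part of the thread and is not OpenSSH's implementation. The function names, sample file and key blobs are constructed; it matches exact plain names and `|1|salt|hash` hashed names, and as a choice of this example leaves wildcard patterns and @marker lines untouched.

```python
import base64
import hashlib
import hmac

def hash_host(host, salt):
    """Build a hashed host field: |1|b64(salt)|b64(HMAC-SHA1(salt, host))."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(),
                         base64.b64encode(mac).decode())

def host_matches(field, host):
    """True if a known_hosts host field names `host` exactly."""
    if field.startswith("|1|"):
        try:
            _, _, salt_b64, mac_b64 = field.split("|")
            salt, want = base64.b64decode(salt_b64), base64.b64decode(mac_b64)
        except ValueError:  # malformed hashed field: never treat as a match
            return False
        got = hmac.new(salt, host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(got, want)
    return host in field.split(",")  # wildcards are not expanded

def remove_host(text, host):
    """Drop key lines for `host`; return (new_text, removed_count)."""
    kept, removed = [], 0
    for line in text.splitlines(keepends=True):
        fields = line.split()
        # Blank lines, '#' comments and @marker lines pass through verbatim.
        if not fields or fields[0][0] in "#@":
            kept.append(line)
        elif host_matches(fields[0], host):
            removed += 1
        else:
            kept.append(line)  # whole line, trailing comment included
    return "".join(kept), removed

# Constructed sample: host names from the report, placeholder key blobs.
SAMPLE = (
    "# constructed test file\n"
    "example1.server.net ssh-rsa AAAAplaceholder1 first server\n"
    "\n"
    "# note about example2\n"
    "example2.server.net ssh-rsa AAAAplaceholder2 comment on example2\n"
    + hash_host("example1.server.net", b"constructed-salt-20b")
    + " ssh-ed25519 AAAAplaceholder3 hashed copy\n"
)

if __name__ == "__main__":
    new_text, count = remove_host(SAMPLE, "example1.server.net")
    print("removed %d line(s)" % count)
    print(new_text, end="")
```

Because untouched lines are copied byte for byte, removing a host that is not in the file returns the input unchanged, which is the second case the report describes.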