Bug 2169

Summary: command to remove outdated hostkey from known_hosts file wrong
Product: Portable OpenSSH
Reporter: Björn Jacke <bjoern>
Component: ssh
Assignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED INVALID
Severity: minor
CC: djm, mindrot
Priority: P5
Version: 6.2p1
Hardware: Other
OS: Linux

Description Björn Jacke 2013-11-11 21:52:53 AEDT
When a host with a non-default port is in the known_hosts file, the suggested command to remove it does not work:

In known_hosts:

[192.168.42.129]:2222 ssh-rsa ....


Connecting with an outdated hostkey gives:

Offending ECDSA key in /home/user/.ssh/known_hosts:440
You can use following command to remove all keys for this IP:
ssh-keygen -R 192.168.42.129 -f /home/user/.ssh/known_hosts

That command does only work for this known_hosts entry. It only works via:

ssh-keygen -R [192.168.42.129]:2222 -f /home/user/.ssh/known_hosts
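
Added example, not part of the bug report and not OpenSSH or distribution code: how a host on a non-default port is named in known_hosts, in both plain and hashed entries, which is why the bare IP does not select the entry shown above. The function names and the sample file contents are constructed for illustration.

```python
import base64, hashlib, hmac

def host_token(host, port=22):
    # ssh stores port 22 under the bare name, any other port as "[host]:port"
    return host if port == 22 else f"[{host}]:{port}"

def hash_field(token, salt):
    # HashKnownHosts form: |1|base64(salt)|base64(HMAC-SHA1(salt, token))
    mac = hmac.new(salt, token.encode(), hashlib.sha1).digest()
    return "|1|{}|{}".format(base64.b64encode(salt).decode(),
                             base64.b64encode(mac).decode())

def entry_matches(field, token):
    if field.startswith("|1|"):
        salt = base64.b64decode(field.split("|")[2])
        return hmac.compare_digest(field, hash_field(token, salt))
    # plain form: comma-separated names (wildcard patterns not handled here)
    return token in field.split(",")

def find_entries(text, host, port=22):
    """Line numbers of known_hosts entries that name host:port."""
    token, hits = host_token(host, port), []
    for lineno, line in enumerate(text.splitlines(), 1):
        parts = line.split()
        if parts and parts[0].startswith("@"):   # @cert-authority / @revoked
            parts = parts[1:]
        if parts and not parts[0].startswith("#") and entry_matches(parts[0], token):
            hits.append(lineno)
    return hits

def removal_command(host, port, path):
    # argv for the removal command, using the name the entry is stored under
    return ["ssh-keygen", "-R", host_token(host, port), "-f", path]

# Constructed sample; key material elided.
SAMPLE = "\n".join([
    "# constructed known_hosts",
    "192.168.42.129 ssh-ed25519 AAAA...",
    "[192.168.42.129]:2222 ssh-rsa AAAA...",
    hash_field("[192.168.42.129]:2222", b"constructed-salt") + " ecdsa-sha2-nistp256 AAAA...",
])

if __name__ == "__main__":
    print(find_entries(SAMPLE, "192.168.42.129"))        # port 22 entry only
    print(find_entries(SAMPLE, "192.168.42.129", 2222))  # bracketed and hashed
    print(" ".join(removal_command("192.168.42.129", 2222, "/home/user/.ssh/known_hosts")))
```
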
Comment 1 Björn Jacke 2013-11-12 01:47:25 AEDT
"That command does only work for this known_hosts entry"

should read:

"That command does NOT work for this known_hosts entry"
Comment 2 Damien Miller 2013-12-19 11:09:29 AEDT
That text has been added by a downstream distributor of OpenSSH, probably your OS distribution. It isn't in the version that we release.
Comment 3 Damien Miller 2015-08-11 23:04:50 AEST
Set all RESOLVED bugs to CLOSED with release of OpenSSH 7.1
Comment 4 Adam Spiers 2016-10-22 01:45:46 AEDT
For future reference, this bug affects SUSE distributions, and I have submitted a downstream bug here:

https://bugzilla.suse.com/show_bug.cgi?id=1006221