Created attachment 3043: ssh-keygen find hash modes exit code patch

The ssh-keygen utility invoked with options -H -F always returns 1 even though a host was found.

To reproduce the bug, use the latest version of ssh-keygen. I tested it on Ubuntu (Ubuntu 16.04.2 LTS) with version 1:7.2p2-4ubuntu2.2, or clone it from the GitHub repo (master branch) and build it manually.

    ssh-keygen -f ~/.ssh/known_hosts -H -F <HOST> ; echo $?

The exit code will be 1 for known and unknown hosts.

I think a reason is that the ctx.found_key field is not set to 1.
https://github.com/openssh/openssh-portable/blob/master/ssh-keygen.c#L1324
The field can be set only in the function known_hosts_find_delete
https://github.com/openssh/openssh-portable/blob/master/ssh-keygen.c#L1174
but if the hash_mode is specified, the function is not used.
https://github.com/openssh/openssh-portable/blob/master/ssh-keygen.c#L1277
Although it contains logic for the hash mode
https://github.com/openssh/openssh-portable/blob/master/ssh-keygen.c#L1209

Please consider my patch to fix this issue. The patch is in the attachment.
Thanks for the report, patch and especially for writing a regression test to go with them. These have been committed (with a couple of tweaks) and will be in OpenSSH 7.8.
Close RESOLVED bugs with the release of openssh-8.0
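For scripts that must run against ssh-keygen builds older than the fix and so cannot trust the -H -F exit code described in the report, the lookup can be done directly on the known_hosts file. This is an added example, not code from OpenSSH or from the attached patch; the host names, salt and key blobs are constructed placeholders, and wildcard or negated host patterns are not handled.

```python
import base64
import hashlib
import hmac
import sys

def hash_host(host, salt):
    """Build a hashed host field: |1|base64(salt)|base64(HMAC-SHA1(salt, host))."""
    digest = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(digest).decode())

def host_field_matches(field, host):
    """True if one known_hosts host field names `host` (hashed or plain list)."""
    if field.startswith("|1|"):
        try:
            salt_b64, digest_b64 = field[3:].split("|")
            salt = base64.b64decode(salt_b64, validate=True)
            want = base64.b64decode(digest_b64, validate=True)
        except ValueError:
            return False  # malformed hashed entry: treat as no match
        got = hmac.new(salt, host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(got, want)
    # Plain entry: comma-separated names (patterns are not expanded here).
    return host in field.split(",")

def find_host(known_hosts_text, host):
    """Return the known_hosts lines whose host field matches `host`."""
    found = []
    for line in known_hosts_text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        if fields[0].startswith("@"):  # skip @cert-authority / @revoked marker
            fields = fields[1:]
        if fields and host_field_matches(fields[0], host):
            found.append(line)
    return found

# Constructed sample file: one hashed entry, one plain entry, placeholder key blobs.
SAMPLE = "\n".join([
    "# constructed sample",
    hash_host("build.example.test", b"\x01" * 20) + " ssh-ed25519 AAAA_PLACEHOLDER_KEY_1",
    "git.example.test,192.0.2.10 ssh-rsa AAAA_PLACEHOLDER_KEY_2",
])

if __name__ == "__main__":
    host = sys.argv[1] if len(sys.argv) > 1 else "build.example.test"
    matches = find_host(SAMPLE, host)
    print("\n".join(matches))
    sys.exit(0 if matches else 1)  # 0 = found, 1 = not found
```

Run as a script, it exits 0 when the host is present and 1 when it is not, for hashed and plain entries alike.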