https://bugzilla.mindrot.org/show_bug.cgi?id=2742
Bug ID: 2742
Summary: Improve -R option, allow to purge all similar keys
Product: Portable OpenSSH
Version: 7.2p2
Hardware: All
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-keygen
Assignee: [email protected]
Reporter: [email protected]
When a server key has changed, OpenSSH prints a warning that the key has
changed and also prints a command line to purge the old key from known_hosts
when the change is correct.
This command line always purges only the key for the hostname you are
currently trying.
But there usually are at least two entries - one for the host and one for
the IP. For dual stack there are at least 3. For dynamic IP there may
be hundreds.
It's a lot of manual work to find all the other keys and purge them as
well.
It would be very good if the -R command would simply ask whether any key
with the same key data should be purged as well (together with the
number of entries). That would speed up the cleanup process a lot.
P.S. It would also be a good idea if I could tell SSH not to make
the automatic IP-based entries for certain (dynamic IP) hosts.
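The lookup the report asks for, as an added example (not part of the bug report and not OpenSSH code): a read-only Python script that lists every known_hosts entry carrying the same key data as the entries for a given host, including hashed (`HashKnownHosts`) entries. The function names, host names and key blobs are assumptions constructed for illustration.

```python
import base64, hashlib, hmac

def host_matches(field, host):
    """True if a known_hosts host field names `host` (plain list or hashed)."""
    if field.startswith("|1|"):  # HashKnownHosts form: |1|b64(salt)|b64(HMAC-SHA1)
        _, _, salt_b64, mac_b64 = field.split("|")
        mac = hmac.new(base64.b64decode(salt_b64), host.encode(), hashlib.sha1)
        return hmac.compare_digest(mac.digest(), base64.b64decode(mac_b64))
    return host in field.split(",")  # wildcard patterns are not expanded here

def parse(text):
    """Yield (line number, host field, key type, key blob) per host-key line."""
    for n, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        # Skip blanks, comments and @cert-authority/@revoked marker lines.
        if len(fields) >= 3 and fields[0][0] not in "#@":
            yield n, fields[0], fields[1], fields[2]

def entries_sharing_key(text, host):
    """Every entry whose key data equals a key recorded for `host`."""
    entries = list(parse(text))
    keys = {(t, b) for _, f, t, b in entries if host_matches(f, host)}
    return [(n, f) for n, f, t, b in entries if (t, b) in keys]

def hash_host(host, salt=b"constructed-salt-20b"):
    """Build a hashed host field for the constructed sample below."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|" + base64.b64encode(salt).decode() + "|" + base64.b64encode(mac).decode()

# Constructed sample; the key blobs are placeholders, not real keys.
OLD, OTHER = "AAAAC3NzaC1lZDI1NTE5T0xE", "AAAAC3NzaC1lZDI1NTE5T1RI"
SAMPLE = "\n".join([
    "# constructed known_hosts sample",
    "server.example.org ssh-ed25519 " + OLD,
    "192.0.2.10 ssh-ed25519 " + OLD,
    "2001:db8::10 ssh-ed25519 " + OLD,
    hash_host("198.51.100.7") + " ssh-ed25519 " + OLD,
    "other.example.org ssh-ed25519 " + OTHER,
])

if __name__ == "__main__":
    hits = entries_sharing_key(SAMPLE, "server.example.org")
    print(len(hits), "entries share key data with server.example.org:")
    for n, field in hits:
        print("  line", n, field)
```

The hashed line is found only through its key data: its address cannot be read back from the file, so the key blob is the one field that ties it to the other entries for the same server.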