openssh/openssh-6.2p2-host_ident.patch
Petr Cerny 6cd875acfc Accepting request 199679 from home:pcerny:factory
- spec file cleanup (don't pointelssly build whole OpenSSH)

- spec file and patch cleanup
  * removing obsoleted auditing patch
    (openssh-%{version}-audit.patch)
- added patches from SLE
  * GSSAPI key exchange
  * FIPS enablement (currently disabled)
  * small bugfixes 
- split the LDAP helper into a separate package: openssh-akc-ldap

OBS-URL: https://build.opensuse.org/request/show/199679
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=55
2013-09-19 04:09:33 +00:00

29 lines
1.1 KiB
Diff

# identify hashed hosts in known_hosts and suggest command line for their
# removal
diff --git a/openssh-6.2p2/sshconnect.c b/openssh-6.2p2/sshconnect.c
--- a/openssh-6.2p2/sshconnect.c
+++ b/openssh-6.2p2/sshconnect.c
@@ -987,16 +987,21 @@ check_host_key(char *hostname, struct so
ip_found->file, ip_found->line);
}
/* The host key has changed. */
warn_changed_key(host_key);
error("Add correct host key in %.100s to get rid of this message.",
user_hostfiles[0]);
error("Offending %s key in %s:%lu", key_type(host_found->key),
host_found->file, host_found->line);
+ error("You can use following command to remove all keys for this IP:");
+ if (host_found->file)
+ error("ssh-keygen -R %s -f %s", hostname, host_found->file);
+ else
+ error("ssh-keygen -R %s", hostname);
/*
* If strict host key checking is in use, the user will have
* to edit the key manually and we can only abort.
*/
if (options.strict_host_key_checking) {
error("%s host key for %.200s has changed and you have "
"requested strict checking.", type, host);