6cd875acfc
- spec file cleanup (don't pointelssly build whole OpenSSH) - spec file and patch cleanup * removing obsoleted auditing patch (openssh-%{version}-audit.patch) - added patches from SLE * GSSAPI key exchange * FIPS enablement (currently disabled) * small bugfixes - split the LDAP helper into a separate package: openssh-akc-ldap OBS-URL: https://build.opensuse.org/request/show/199679 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=55
29 lines
1.1 KiB
Diff
29 lines
1.1 KiB
Diff
# identify hashed hosts in known_hosts and suggest command line for their
|
|
# removal
|
|
|
|
diff --git a/openssh-6.2p2/sshconnect.c b/openssh-6.2p2/sshconnect.c
|
|
--- a/openssh-6.2p2/sshconnect.c
|
|
+++ b/openssh-6.2p2/sshconnect.c
|
|
@@ -987,16 +987,21 @@ check_host_key(char *hostname, struct so
|
|
ip_found->file, ip_found->line);
|
|
}
|
|
/* The host key has changed. */
|
|
warn_changed_key(host_key);
|
|
error("Add correct host key in %.100s to get rid of this message.",
|
|
user_hostfiles[0]);
|
|
error("Offending %s key in %s:%lu", key_type(host_found->key),
|
|
host_found->file, host_found->line);
|
|
+ error("You can use following command to remove all keys for this IP:");
|
|
+ if (host_found->file)
|
|
+ error("ssh-keygen -R %s -f %s", hostname, host_found->file);
|
|
+ else
|
|
+ error("ssh-keygen -R %s", hostname);
|
|
|
|
/*
|
|
* If strict host key checking is in use, the user will have
|
|
* to edit the key manually and we can only abort.
|
|
*/
|
|
if (options.strict_host_key_checking) {
|
|
error("%s host key for %.200s has changed and you have "
|
|
"requested strict checking.", type, host);
|