* John A. Sullivan III [100528 11:06 -0400] > On Fri, 2010-05-28 at 15:52 +0200, Elimar Riesebieter wrote: > > * John A. Sullivan III [100528 09:19 -0400] > > > On Fri, 2010-05-28 at 14:45 +0200, François TOURDE wrote: > > [...] > > > > > > > > Don't use sed nor awk... > > > > > > > > man ssh-keygen say: > > > > > > > > -R hostname > > > > Removes all keys belonging to hostname from a known_hosts > > > > file. This option is useful to delete hashed > > > > hosts (see the -H option above). > > > > > > > > > > > Yes, exactly. We use that all the time for similar reasons. One caveat > > > - if you use a non-standard port (which we regularly do for security > > > with such a dangerous application), the host must be specified as > > > [hostname]:port, e.g., ssh-keygen -R [comp1.mycompany.com]:222 > > > > How to remove _all_ ip's from hosts with a dynamic IP such as dyndns > > hosts? > <snip> > I'm not sure I understand the question. If you mean how to remove all > entries in known_hosts which pertain to hosts with dynamic IP addresses, > assuming you know the host name and use the hostname in your ssh > command, then you will want to remove the entry by using the hostname > and the IP address is not an issue. If there are entries for the IP > address and these are causing a problem, then one needs to remove the > entry for the IP address. Depending on whether or not there is a custom > port, the syntax would be either:
It should not be possible: Host a.dyn.dns has ip 1.2.3.4 24 h later: Host a.dyn.dns has ip 1.2.10.11 and maybe host b.dyn.dns has 1.2.3.4 This information ssh-keygen is missing so it shouldn't be possible to ssh-keygen -R a.dyn.dns and it would remove all ip's this host ever had, isn't it? Elimar -- On the keyboard of life you have always to keep a finger at the escape key;-) -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100528153808.gc4...@aragorn.home.lxtec.de
