unssh - remove entries from your known_hosts file
-------------------------------------------------
This simple script helps delete hosts from the user's known_hosts file when
their public key has changed.

CONTENTS
--------
* CONTENTS
* DEPENDENCIES
* INSTALLATION
* USAGE
* INTERNALS
* BUGS

DEPENDENCIES
------------
You need the following applications installed to use this tool. The exact
versions are not required; they are listed mainly to help with tracking down
bugs:
- bash-3.1.16
- grep-2.5.1
- ed-0.2
- bind-tools-9.10.2
- awk-3.1.5
- sed-4.1.4

INSTALLATION
------------
There is a Makefile provided with the script assisting you with the task of
installation. Just run `make install` to install the script with name `unssh'
into $HOME/bin. A symlink to the alternative name `unscp' is also created.

USAGE
-----
A short example should suffice. Say you tried to connect to another host using
a command like the following:

  $ ssh -X -A user23@myhost.mydomain.tld

and got an error message saying the host key for the given host has changed,
which could also indicate an ongoing MitM attack. But you know better, e.g.
because the host key has REALLY changed. Instead of editing your known_hosts
file, searching for the matching entry and deleting it, just change the
previously executed command line to this:

  $ unssh -X -A user23@myhost.mydomain.tld

As you can see, this is done by moving the cursor to the beginning of the line
and typing "un". Execute it, and the script should do the rest for you.

INTERNALS
---------
Basically, this script does the following:
1) Parse command line args, skipping over known options (with arguments) of the
   respective program (ssh and scp have distinct ones); any remaining
   arguments are considered host specs to remove
2) Search the user's ssh_config for a matching alias definition, extracting the
   real host name from it
3) Do a DNS lookup for the host name (or IP) from 2) or 1), respectively
4) Back up the current known_hosts file
5) Search for both host name and IP in the user's known_hosts file, removing
   matching entries
6) If the given host name contains a domain part, additionally search for an
   entry specifying the short host name only, removing it as well
7) Print stats based on the line lengths of the final known_hosts file and its
   backup from 4)
8) Finally rename the backup from 4) to the standard name
   (~/.ssh/known_hosts.old) used by ssh-keygen, or drop it if there are no
   changes
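
Steps 4) to 8) as a shell sketch, added here as an example and not taken from
unssh itself. The function names, their arguments and the sample data are
assumptions; host name and IP are passed in rather than resolved as in steps
1) to 3), and the stats in step 7) are assumed to be line counts.

```bash
# Added example, not unssh's own code; names and arguments are hypothetical.
# Usage: remove_known_host FILE HOST [IP]
remove_known_host() {
    local kh="$1" host="$2" ip="${3:-}" bak short before after
    bak=$(mktemp "$kh.XXXXXX") || return 1
    cp -p -- "$kh" "$bak" || return 1                 # step 4: backup
    case "$host" in                                   # step 6: short name,
        *[!0-9.]*) short=${host%%.*} ;;               # but never cut up an
        *)         short=$host ;;                     # IPv4 address
    esac
    # Steps 5 and 6: compare each name in the comma-separated first field
    # exactly, so removing "myhost" cannot also hit "myhost2". Hashed
    # entries ("|1|salt|hash") never match plain text and are kept.
    awk -v h="$host" -v i="$ip" -v s="$short" '
        BEGIN { h = h ""; i = i ""; s = s "" }   # force string comparison
        NF == 0 || $1 ~ /^#/ { print; next }
        {
            f = ($1 ~ /^@/) ? $2 : $1     # skip @cert-authority / @revoked
            n = split(f, names, ",")
            for (k = 1; k <= n; k++)
                if (names[k] == h || names[k] == s || (i != "" && names[k] == i))
                    next
            print
        }' "$bak" > "$kh" || { mv -- "$bak" "$kh"; return 1; }
    before=$(wc -l < "$bak"); after=$(wc -l < "$kh")  # step 7: line counts
    echo "removed $((before - after)) of $((before)) lines"
    if [ "$before" -ne "$after" ]; then
        mv -- "$bak" "$kh.old"                        # step 8: keep backup
    else
        rm -f -- "$bak"                               # step 8: no changes
    fi
}

# Constructed sample file (documentation address, dummy keys and hash).
unssh_demo() {
    local d; d=$(mktemp -d) || return 1
    cat > "$d/known_hosts" <<'EOF'
myhost.mydomain.tld,192.0.2.10 ssh-ed25519 AAAAconstructedkey1
myhost ssh-ed25519 AAAAconstructedkey1
myhost2.mydomain.tld ssh-ed25519 AAAAconstructedkey2
192.0.2.10 ssh-rsa AAAAconstructedkey3
|1|CONSTRUCTEDSALT=|CONSTRUCTEDHASH= ssh-ed25519 AAAAconstructedkey1
EOF
    remove_known_host "$d/known_hosts" myhost.mydomain.tld 192.0.2.10 >/dev/null
    cat "$d/known_hosts"; rm -rf "$d"
}
```

With HashKnownHosts enabled, plain-text matching like this finds nothing;
`ssh-keygen -R host` also removes hashed entries.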

BUGS
----
There certainly are! Especially with different versions of the tools
mentioned in the DEPENDENCIES section above there may be problems. If you think
you found a bug, feel free to report it via email to Phil Sutter <phil@nwl.cc>.