Archive of May 2011
Following up on my last 2 posts about SSH key based authentication, here's some more useful SSH commands to manage the known hosts file that I didn't know about before.
The known hosts file, located at ~/.ssh/known_hosts, is where server public keys end up when you say "yes" to accepting a host key upon connecting to a server you've never connected to before. Chances are your file is full of keys by now if you connect to a lot of different machines. If you need to remove a key for a server change or if you no longer use the server, you can easily clean it up without editing the file directly.
You can first check if the host is even in the file:
ssh-keygen -F jfro.me
This will display the entry from the file if found. You can remove it with this command:
ssh-keygen -R jfro.me
Unfortunately it's not as easy if you use non-standard ports, it has to be an exact match to the host entry in the file:
01:35 PM | Tags: ssh, sysadmin, servers, tips
ssh-keygen -R "[example.com]:1234"