Because I am consistently lazy I hardly have multiple entries for the same host. And it is not difficult, because the message explicitly mentions the line number:
Code:
Offending ECDSA key in /home/adriaan/.ssh/known_hosts:30
And finding the line with the eye ball method is impossible if you use
HashKnownHosts in your
.ssh/config.
From
ssh_config(5):
Code:
HashKnownHosts
Indicates that ssh(1) should hash host names and addresses when
they are added to ~/.ssh/known_hosts. These hashed names may be
used normally by ssh(1) and sshd(8), but they do not reveal
identifying information should the file's contents be disclosed.
The default is ``no''. Note that existing names and addresses in
known hosts files will not be converted automatically, but may be
manually hashed using ssh-keygen(1).
So:
Code:
$ tail -1 .ssh/known_hosts
192.168.222.249 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHKXuTGoeWZ1TwAN23cwZzGAfOqjw
H1PZTxV+nUppIPnby4P/r1WPYu7M0YmUz2YEKrP0NkNERK3r/Xqc6PpPbU=
$ ssh-keygen -H -f .ssh/known_hosts
.ssh/known_hosts updated.
Original contents retained as .ssh/known_hosts.old
WARNING: .ssh/known_hosts.old contains unhashed entries
Delete this file to ensure privacy of hostnames
$ tail -1 .ssh/known_hosts
|1|DsPj+qiYhGO06l1W5yJQ0+J0VyQ=|sgJdo5xHyq3ncwsD8JLffrMOzEo= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAI
bmlzdHAyNTYAAABBBHKXuTGoeWZ1TwAN23cwZzGAfOqjwH1PZTxV+nUppIPnby4P/r1WPYu7M0YmUz2YEKrP0NkNERK3r/Xqc6PpPbU=
As you can see the IP address 192.168.222.249 has now been hashed into
|1|DsPj+qiYhGO06l1W5yJQ0+J0VyQ=|sgJdo5xHyq3ncwsD8J LffrMOzEo=
Impossible to find with the eye ball method