markolson / chef-ssh

Chef cookbook for managing some mildly-difficult-to-automate SSH configuration

ssh_known_hosts create duplicate entries #64

Closed rongshen-daqri closed 7 years ago

rongshen-daqri commented 8 years ago

Hello, I'm using version 0.10.16, but I got duplicate entries in known_hosts file. I call functions like this:

    ssh_known_hosts "github.com" do
      hashed false
      path '/var/lib/jenkins/.ssh/known_hosts'
    end

I ran the cookbook 3 times using kitchen converge, and I found 3 sets of records in the /var/lib/jenkins/.ssh/known_hosts file.

I found a post on Stack Overflow saying this issue was fixed a long time ago, so I'm not sure why I'm still seeing it. Could you help me?

Thanks

tejaycar commented 8 years ago

So, we fixed that some time ago, but must have missed something.

https://github.com/markolson/chef-ssh/blob/master/test/integration/known_hosts/serverspec/known_hosts_spec.rb#L24 That's the test to verify the fix

https://github.com/markolson/chef-ssh/blob/master/providers/known_hosts.rb#L77-L85 Those are the lines in the provider that check if we already have an entry

Try running ssh-keygen -H -F github.com -f /path/to/your/known/hosts

That should find the existing key. If it doesn't, then we know where the issue lies.

rongshen-daqri commented 8 years ago

@tejaycar Thanks for the info.

I tried 'ssh-keygen -H -F github.com -f /var/lib/jenkins/.ssh/known_hosts' and it returns records, but echo $? returns 1.

I then tried 'ssh-keygen -F github.com -f /var/lib/jenkins/.ssh/known_hosts', which is the command used in the test, and it returns records, and echo $? returns 0.

So, I don't know the root cause, but it seems like we should remove the -H option from the search command. I made the change on my local copy, and both the inspec tests and my own kitchen tests in a different cookbook work.

rongshen-daqri commented 8 years ago

If you would like, I can make a PR. Is there a guideline on how to make a PR? I don't want to mess up the branches.

tejaycar commented 8 years ago

Just fork the repo, and then create a PR. I'll take it from there. However, I'm still trying to understand why the -H was in there. I believe we need to account for it as it converts the keys to hash format. I'm just worried about side effects.

tejaycar commented 7 years ago

Fixed in 0.10.18
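
Added example (not part of the thread and not the cookbook's provider code): one way to make the "is this host already listed?" check independent of the ssh-keygen exit status discussed above, by matching both plain and hashed known_hosts entries directly in Ruby. The helper names and the sample key blob are constructed for illustration.

```ruby
require 'openssl'

# Hashed host field, as OpenSSH writes it with HashKnownHosts:
#   |1|base64(salt)|base64(HMAC-SHA1(key = salt, data = hostname))
def hashed_field(host, salt)
  mac = OpenSSL::HMAC.digest('SHA1', salt, host)
  "|1|#{[salt].pack('m0')}|#{[mac].pack('m0')}"
end

# True if one host field (plain, comma-separated, or hashed) names +host+.
def host_field_matches?(field, host)
  return field.split(',').include?(host) unless field.start_with?('|1|')

  _, _, salt_b64, mac_b64 = field.split('|')
  return false unless salt_b64 && mac_b64

  hashed_field(host, salt_b64.unpack1('m')) == field
end

# True if +text+ already has an entry for +host+ (and +key_type+, if given).
def known_host?(text, host, key_type = nil)
  text.each_line.any? do |line|
    fields = line.split
    # Skip blanks, comments, and @cert-authority / @revoked marker lines.
    next false if fields.length < 3 || fields[0].start_with?('#', '@')

    host_field_matches?(fields[0], host) && (key_type.nil? || fields[1] == key_type)
  end
end

# Returns +text+ unchanged if the host is listed, otherwise with +entry+ appended.
def ensure_known_host(text, host, entry)
  return text if known_host?(text, host, entry.split[1])

  text += "\n" unless text.empty? || text.end_with?("\n")
  "#{text}#{entry.strip}\n"
end

# Constructed sample data: the key blob is a placeholder, not a real host key.
SAMPLE_ENTRY = 'github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDERKEY'
HASHED_FILE = "#{hashed_field('github.com', '0123456789abcdefghij')} " \
              "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDERKEY\n"

if __FILE__ == $PROGRAM_NAME
  file = ''
  3.times { file = ensure_known_host(file, 'github.com', SAMPLE_ENTRY) }
  puts "plain file after 3 runs: #{file.lines.count} line(s)"
  puts "hashed file matches github.com: #{known_host?(HASHED_FILE, 'github.com')}"
end
```

For a non-default port, OpenSSH stores (and hashes) the name as [host]:port, so pass the host in that form.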