I made a little script for cleaning my known_hosts file. It cannot be used if the file contains hashed entries (HashKnownHosts enabled): a hashed line starts with |1|, the host name cannot be read back from it, and so there is nothing to merge.
What it does: two entries that carry the same host key, one under the IP address and one under the host name,
192.168.0.1 ssh-rsa XXXXXX
router.lan ssh-rsa XXXXXX
are turned into one entry, host names first, then IP addresses:
router.lan,192.168.0.1 ssh-rsa XXXXXX
This code is released under the license of this page, use at your own risk!
The code is pure bash.
#!/bin/bash
# 2009 by Markus Frosch <markus@lazyfrosch.de>
# http://www.lazyfrosch.de/linux/clean_known_hosts
#
# Licensed under Creative Commons Attribution-Noncommercial-Share Alike 2.0 Generic
# http://creativecommons.org/licenses/by-nc-sa/2.0/

date=$(date +%Y%m%d-%H%M%S)
kh=$HOME/.ssh/known_hosts
kh_bak=$HOME/.ssh/known_hosts.$date
kh_work=$HOME/.ssh/known_hosts.work
kh_work2=$HOME/.ssh/known_hosts.work2
kh_work3=$HOME/.ssh/known_hosts.work3

fail() {
    echo "Error...${1:+ $1}" >&2
    exit 1
}

# refuse hashed files (HashKnownHosts): hashed entries start with "|1|"
# and their host names cannot be recovered, so they cannot be merged
grep -q '^|1|' "$kh" && fail "known_hosts contains hashed entries"

# make backup
cp "$kh" "$kh_bak" || fail

# make workfile
cp "$kh" "$kh_work" || fail

# clean install keys (site-specific patterns, adjust them to your own network)
grep -Ev "^box[0-9]+\.install\.mycompany\.de" "$kh_work" > "$kh_work2" || fail
cp "$kh_work2" "$kh_work" || fail
grep -Ev "192\.168\.(190\.1(79|8[0-9]|90)|176\.16[3-6])" "$kh_work" > "$kh_work2" || fail
cp "$kh_work2" "$kh_work" || fail

# drop blank lines and comments; a blank line would otherwise be treated as
# a key that matches every line and all host names would end up merged
grep -Ev '^[[:space:]]*(#|$)' "$kh_work" > "$kh_work2" || fail
cp "$kh_work2" "$kh_work" || fail

# cleanup dups: list every distinct key (type + base64 blob) once
awk '{ print $2" "$3 }' "$kh_work" | sort | uniq > "$kh_work2" || fail
rm -f "$kh_work3" || fail
touch "$kh_work3" || fail
while read -r line; do
    # first column (the host list) of every line carrying this key;
    # -F because the base64 blob is a fixed string, not a regular expression
    names=$(grep -F -- "$line" "$kh_work" | awk '{ print $1 }')
    # split on spaces and commas: IP addresses go to names1, host names to names2
    # (echo is unquoted on purpose, it joins the lines with spaces)
    names1=$(echo $names | sed 's/[ ,]/\n/g' | grep -E "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" | sort)
    names2=$(echo $names | sed 's/[ ,]/\n/g' | grep -vE "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" | sort)
    # host names first, then IP addresses, comma separated
    names=$(echo $names2 $names1 | sed 's/ /,/g')
    echo "$names $line" >> "$kh_work3"
done < "$kh_work2"
cp "$kh_work3" "$kh_work" || fail

# sorting
sort "$kh_work" > "$kh_work2" || fail
cp "$kh_work2" "$kh_work" || fail

# save kh
cp "$kh_work" "$kh" || fail

# remove work files
rm -f "$kh_work" "$kh_work2" "$kh_work3" || fail
Install:
Save it as /root/bin/kh_clean (or any file you like) and make the file executable.
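The merge step described above, written as an added example that is not part of Markus Frosch's script: one awk pass collects every name that carries the same key and prints it once, host names first and IPv4 addresses last, and a separate check refuses a file with hashed entries, since those cannot be merged. The function names (has_hashed_entries, merge_known_hosts), the sample file and the key blobs in it are this example's own constructions, not real host keys.

```bash
#!/bin/bash
# Added example, not part of the original clean_known_hosts script: the merge
# step done in one awk pass, plus the HashKnownHosts check the page warns about.
# has_hashed_entries, merge_known_hosts and SAMPLE_KNOWN_HOSTS are this
# example's own names; the key blobs below are constructed placeholders.

# Constructed sample: two hosts, each listed twice (by name and by IP),
# plus a comment and a blank line that must be dropped rather than merged.
SAMPLE_KNOWN_HOSTS='192.168.0.1 ssh-rsa AAAAB3KEYROUTER
# a comment line and a blank line, both to be dropped

router.lan ssh-rsa AAAAB3KEYROUTER
git.example.org,10.0.0.5 ssh-ed25519 AAAAC3KEYGIT
10.0.0.5 ssh-ed25519 AAAAC3KEYGIT'

# With HashKnownHosts enabled every entry starts with "|1|" and the host name
# is only recoverable by guessing, so merging by name is impossible.
# Returns 0 (true) if any such line is present on stdin.
has_hashed_entries() {
    grep -q '^|1|'
}

# Read known_hosts lines on stdin; print one line per distinct key with all
# its names, host names first and IPv4 addresses last, then sort the result.
# Marker lines (@cert-authority, @revoked) pass through unchanged; the optional
# comment field after the key is dropped, as in the original script.
merge_known_hosts() {
    awk '
    /^[[:space:]]*$/ || /^#/ { next }          # blank lines and comments
    /^@/                     { print; next }   # marker lines: keep verbatim
    {
        key = $2 " " $3                        # key type + base64 blob
        if (!(key in order)) { order[key] = ++cnt; keys[cnt] = key }
        n = split($1, names, ",")
        for (i = 1; i <= n; i++) {
            if ((key, names[i]) in seen) continue   # already recorded for this key
            seen[key, names[i]] = 1
            if (names[i] ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/)
                ips[key] = (ips[key] == "" ? "" : ips[key] ",") names[i]
            else
                hosts[key] = (hosts[key] == "" ? "" : hosts[key] ",") names[i]
        }
    }
    END {
        for (i = 1; i <= cnt; i++) {
            k = keys[i]
            all = hosts[k]
            if (ips[k] != "") all = (all == "" ? "" : all ",") ips[k]
            print all " " k
        }
    }' | LC_ALL=C sort
}

# Demo: refuse a hashed file, otherwise print the merged result.
if printf '%s\n' "$SAMPLE_KNOWN_HOSTS" | has_hashed_entries; then
    echo "hashed entries present, refusing to merge" >&2
else
    printf '%s\n' "$SAMPLE_KNOWN_HOSTS" | merge_known_hosts
fi
```

On the sample this prints the two merged lines `git.example.org,10.0.0.5 ssh-ed25519 AAAAC3KEYGIT` and `router.lan,192.168.0.1 ssh-rsa AAAAB3KEYROUTER`; to use it on a real file, back it up first and feed it in with `merge_known_hosts < ~/.ssh/known_hosts > known_hosts.new`. Entries of the form `[host]:port` are treated as host names, which keeps them ahead of the plain IP addresses.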
— Markus Frosch 13.01.2009 09:08