Re: How to get new RSA key in known_hosts file?

[Jon Dowland <jmtd@debian.org>]

On Fri, May 25, 2012 at 09:59:03PM +0200, Slavko wrote:
> then i see only one solution - delete/rename whole file and collect them
> from start.

Well, yes - or resolve them one by one when you hit a host that has changed.
In this situation, ssh will tell you which lines are troublesome.

> Please, what security is here? When I know the hostname (IP) i can
> remove the host entry and then i can save new entry and i can show the key
> for this host too. Only one i cannot - to know which hosts are in the
> file...

The point of the hashing is that if someone breaks into your computer and
steals your private key, your known_hosts file could give them a list of other
machines that are likely to accept your key. If the hosts are hashed, they
don't know the hosts.