[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: HashKnownHosts

On Sat, Jul 02, 2005 at 08:17:57PM +0200, Marco d'Itri wrote:
> On Jul 02, Olaf van der Spek <olafvdspek@gmail.com> wrote:
> > On 7/2/05, Marco d'Itri <md@linux.it> wrote:
> > > What is the rationale for changing the default setting?
> > > I find it very annoying, and from a brief discussion on #debian-devel I
> > > see that I'm not alone.
> > What causes this annoyance?
> The need to edit the file to add/update/remove IP addresses, hostnames
> and whole keys.

Then I'm afraid you simply haven't read the documentation ...

     -F hostname
             Search for the specified hostname in a known_hosts file,
             listing any occurrences found.  This option is useful to
             find hashed host names or addresses and may also be used
             in conjunction with the -H option to print found keys in
             a hashed format.

     -H      Hash a known_hosts file.  This replaces all hostnames and
             addresses with hashed representations within the speci‐
             fied file; the original content is moved to a file with a
             .old suffix.  These hashes may be used normally by ssh
             and sshd, but they do not reveal identifying information
             should the file’s contents be disclosed.  This option
             will not modify existing hashed hostnames and is there‐
             fore safe to use on files that mix hashed and non-hashed

     -R hostname
             Removes all keys belonging to hostname from a known_hosts
             file.  This option is useful to delete hashed hosts (see
             the -H option above).


Colin Watson                                       [cjwatson@debian.org]

Reply to: