Bug#438654: openssh-client: please be consistent for HashKnownHosts

To: Debian Bug Tracking System <maintonly@bugs.debian.org>
Subject: Bug#438654: openssh-client: please be consistent for HashKnownHosts
From: Luca Capello <luca@pca.it>
Date: Sat, 18 Aug 2007 19:25:12 +0200
Message-id: <[🔎] 87k5rsu553.fsf@gismo.pca.it>
Reply-to: Luca Capello <luca@pca.it>, 438654-maintonly@bugs.debian.org

Package: openssh-client
Version: 1:4.6p1-5
Severity: minor

Hello,

`man ssh_config` says HashKnownHosts is "no" by default:
=====
 HashKnownHosts
   Indicates that ssh(1) should hash host names and addresses when
   they are added to ~/.ssh/known_hosts.  These hashed names may be
   used normally by ssh(1) and sshd(8), but they do not reveal
   identifying information should the file’s contents be disclosed.
   The default is “no”.  Note that existing names and addresses in
   known hosts files will not be converted automatically, but may be
   manually hashed using ssh-keygen(1).  Use of this option may break
   facil‐ ities such as tab-completion that rely on being able to read
   unhashed host names from ~/.ssh/known_hosts.
=====

But in Debian HashKnownHosts is "yes" by default (debian/changelog):
=====
openssh (1:4.0p1-1) experimental; urgency=low
[...]

  * Enable HashKnownHosts by default. This only affects new entries;
    use 'ssh-keygen -H' to convert an entire known_hosts file to
    hashed format.
[...]

 -- Colin Watson <cjwatson@debian.org>  Thu, 26 May 2005 11:23:18 +0100
=====

IMHO even if the manpage is the upstream one, it should be consistent
with the Debian behavior, thus stating that by default is "yes".  Or,
at least, a note should be added in README.Debian, especially because
the debian/changelog entry is becoming old.

Thx, bye,
Gismo / Luca

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.22-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages openssh-client depends on:
ii  adduser               3.104              add and remove users and groups
ii  debconf [debconf-2.0] 1.5.14             Debian configuration management sy
ii  dpkg                  1.14.5             package maintenance system for Deb
ii  libc6                 2.6.1-1            GNU C Library: Shared libraries
ii  libcomerr2            1.40.2-1           common error description library
ii  libedit2              2.9.cvs.20050518-4 BSD editline and history libraries
ii  libkrb53              1.6.dfsg.1-6       MIT Kerberos runtime libraries
ii  libncurses5           5.6+20070812-1     Shared libraries for terminal hand
ii  libssl0.9.8           0.9.8e-6           SSL shared libraries
ii  passwd                1:4.0.18.1-11      change and administer password and
ii  zlib1g                1:1.2.3.3.dfsg-5   compression library - runtime

openssh-client recommends no packages.

-- no debconf information

Reply to:

Prev by Date: Bug#75043: Until such time as a new law is enacted, the legal status of junk email remains unclear.
Next by Date: Help offer: bug triage
Previous by thread: Bug#75043: Until such time as a new law is enacted, the legal status of junk email remains unclear.
Next by thread: Help offer: bug triage
Index(es):
- Date
- Thread