Bug#483756: insist ssh-vulnkey -a be run by the administrator upon upgrade
Another question arises: what are all the remote machines where I have
established a ~/.ssh/ directory (that needs to be cleaned up to plug
the hole there if root there is not up to date)?
Well, one finds a list in .ssh/known_hosts, but on sshd(8):
Alternately, hostnames may be stored in a hashed form which hides
host names and addresses should the file's con- tents be
disclosed.
It should add that even the owner cannot decode these back, as they
are hashes. P.S., my ~/.ssh was 755 mode all these years. Fixed.
[Taking suresh@hserus.net off CC list next message.]
Reply to: