Gentoo Logo
Gentoo Spaceship

Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
To: gentoo-security@g.o
From: Thomas Schweikle <tps@...>
Subject: Re: ssh - upgrade to v4 - hash known_hosts file
Date: Sat, 06 Aug 2005 18:51:28 +0200
antoine schrieb:
> On Tue, 2005-05-17 at 12:42 -0400, James Larkby-Lahet wrote:
>> >> *However*
>> >> SSH version 4 and higher contain an option to hash the known_hosts
>> >> database. Here's what the ssh config documentation has to say about 
>> >> this:
>> I, for one, have frequently had to edit known_hosts manually.  
>> Experimental box dies, you reformat, new keys are generated, and then 
>> ssh flips its lid, which _is_ a feature.  But, then I have to remove 
>> the offending line, and if the hostnames are hashed how am I to do 
>> that?
> ssh tells you on which line the offending key is, that's how I delete
> them - it is easier than looking for the hostname.

Yes, but what about having various lines refering all to the same host?
There is no way to have it done fast, once, by deleting *all* refering
lines, since there is no way to find out what other lines match this
particular host. Such scenario is common in dhcp environments where you
are connecting to hosts changing their IP with the next boot.


gentoo-security@g.o mailing list

Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
pam cracklib. Why credits are not working.
Next by thread:
Previous by date:
Re: WELCOME to gentoo-security@g.o
Next by date:

Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.