| 1 |
antoine schrieb: |
| 2 |
> On Tue, 2005-05-17 at 12:42 -0400, James Larkby-Lahet wrote: |
| 3 |
>> >> *However* |
| 4 |
>> >> SSH version 4 and higher contain an option to hash the known_hosts |
| 5 |
>> >> database. Here's what the ssh config documentation has to say about |
| 6 |
>> >> this: |
| 7 |
>> |
| 8 |
>> I, for one, have frequently had to edit known_hosts manually. |
| 9 |
>> Experimental box dies, you reformat, new keys are generated, and then |
| 10 |
>> ssh flips its lid, which _is_ a feature. But, then I have to remove |
| 11 |
>> the offending line, and if the hostnames are hashed how am I to do |
| 12 |
>> that? |
| 13 |
> ssh tells you on which line the offending key is, that's how I delete |
| 14 |
> them - it is easier than looking for the hostname. |
| 15 |
|
| 16 |
Yes, but what about having various lines refering all to the same host? |
| 17 |
There is no way to have it done fast, once, by deleting *all* refering |
| 18 |
lines, since there is no way to find out what other lines match this |
| 19 |
particular host. Such scenario is common in dhcp environments where you |
| 20 |
are connecting to hosts changing their IP with the next boot. |
| 21 |
|
| 22 |
-- |
| 23 |
Thomas |
| 24 |
|
| 25 |
-- |
| 26 |
gentoo-security@g.o mailing list |
Archives