Hash ~/.ssh/known_hosts by default
Originally created by @tailshark on #14995 (Redmine)
Hi!
I’ve been doing a lot of work over ssh and recently noticed the known_hosts file (which I backup to KeePass) uses the plain text IP entries with associated fingerprints. I do have a concern about a browser bug or creeping exploit (that sneaks around AppArmor somehow) lifting the file and exposing all my server IPs in one hit. Even a “hot laptop theft” could expose them all.
I hashed the file manually for storage with:
ssh-keygen -H -f ~/.ssh/known_hosts
And I’ve added a config file to the ~/.ssh folder as follows:
mkdir -p ~/.ssh
echo "HashKnownHosts yes" > ~/.ssh/config
chmod 400 ~/.ssh/config
Automatic hashing works as expected.
Should this be a default setting?
I don’t see any downside risks to it being a default.
Thanks for everything you guys do btw. I know things can be wrestlemania with practical implementation.
Feature Branch: bugfix/14995-hash-ssh-known-hosts