
Hash ~/.ssh/known_hosts by default

Hi!

I’ve been doing a lot of work over ssh and recently noticed the known_hosts file (which I back up to KeePass) uses plain-text IP entries with associated fingerprints. I do have a concern about a browser bug or creeping exploit (that sneaks around AppArmor somehow) lifting the file and exposing all my server IPs in one hit. Even a “hot laptop theft” could expose them all.

I hashed the file manually for storage with:

ssh-keygen -H -f ~/.ssh/known_hosts

And I’ve added a config file to the ~/.ssh folder as follows:

mkdir -p ~/.ssh
echo "HashKnownHosts yes" > ~/.ssh/config
chmod 400 ~/.ssh/config

Automatic hashing works as expected.

Should this be a default setting?

I don’t see any downside risks to it being a default.

Thanks for everything you guys do btw. I know things can be wrestlemania with practical implementation.

Feature Branch: bugfix/14995-hash-ssh-known-hosts

Original created by @tailshark on 14995 (Redmine)
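Added illustration, not part of the original report and not the project's own code: the Python below re-implements the entry format that HashKnownHosts and ssh-keygen -H write (|1|base64(salt)|base64(HMAC-SHA1(salt, host)), from OpenSSH's hostfile.c) so the hashing, the lookup that ssh-keygen -F performs, and the residual risk can be seen offline. The caveat a practitioner should keep in mind: the salt is stored in the file, so hashing hides names from a casual reader but anyone who can enumerate candidate names (every IPv4 address, a predictable naming scheme) recovers them by recomputing the HMAC. The sample known_hosts content, the addresses and the key blobs are constructed placeholders; the function names are this example's own.

```python
"""Re-implementation of OpenSSH's HashKnownHosts entry format for illustration:
hash a plaintext known_hosts, look a host up in the hashed file, and brute-force
hashed entries from a candidate list (example code, not OpenSSH's)."""
import base64
import hashlib
import hmac
import ipaddress
import os
from typing import Optional

HASH_MAGIC = "|1|"   # prefix OpenSSH writes for a hashed host field
SALT_LEN = 20        # OpenSSH uses a random salt of SHA-1 digest length

# Constructed sample known_hosts; key blobs are placeholders, not real keys.
SAMPLE_KNOWN_HOSTS = """\
192.0.2.10 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPlaceholderKeyOne
[203.0.113.5]:2222,203.0.113.5 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABPlaceholderKeyTwo
"""


def hash_host(host: str, salt: Optional[bytes] = None) -> str:
    """Return |1|base64(salt)|base64(HMAC-SHA1(salt, host)) as OpenSSH writes it."""
    if salt is None:
        salt = os.urandom(SALT_LEN)
    digest = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return HASH_MAGIC + base64.b64encode(salt).decode() + "|" + base64.b64encode(digest).decode()


def hashed_field_matches(field: str, host: str) -> bool:
    """Recompute the HMAC under the entry's own salt and compare in constant time."""
    if not field.startswith(HASH_MAGIC):
        return False
    try:
        salt_b64, digest_b64 = field[len(HASH_MAGIC):].split("|", 1)
        salt, digest = base64.b64decode(salt_b64), base64.b64decode(digest_b64)
    except ValueError:
        return False
    return hmac.compare_digest(hmac.new(salt, host.encode(), hashlib.sha1).digest(), digest)


def host_field_matches(field: str, host: str) -> bool:
    """Match a host field, hashed or plain comma-separated names.
    Wildcard and '!' negation patterns are deliberately not handled here."""
    if field.startswith(HASH_MAGIC):
        return hashed_field_matches(field, host)
    return host in field.split(",")


def parse_known_hosts(text: str) -> list:
    """Return (marker, host_field, key_type, key_blob) per entry; comments skipped."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        marker = ""
        if line.startswith("@"):                 # @cert-authority / @revoked
            marker, line = line.split(None, 1)
        parts = line.split(None, 2)
        if len(parts) < 3:
            continue
        host_field, key_type, rest = parts
        entries.append((marker, host_field, key_type, rest.split()[0]))
    return entries


def hash_known_hosts(text: str) -> str:
    """Like `ssh-keygen -H`: one hashed line per name; hashed lines are kept as-is."""
    out = []
    for marker, host_field, key_type, blob in parse_known_hosts(text):
        names = [host_field] if host_field.startswith(HASH_MAGIC) else host_field.split(",")
        for name in names:
            field = name if name.startswith(HASH_MAGIC) else hash_host(name)
            out.append(f"{marker + ' ' if marker else ''}{field} {key_type} {blob}")
    return "\n".join(out) + "\n"


def find_host(text: str, host: str) -> list:
    """Like `ssh-keygen -F host`: (key_type, key_blob) of every matching entry."""
    return [(kt, blob) for _, field, kt, blob in parse_known_hosts(text)
            if host_field_matches(field, host)]


def recover_hosts(text: str, candidates) -> dict:
    """Brute-force hashed fields from a candidate list: the salt is in the file,
    so any name the attacker can enumerate is recovered, hashing or not."""
    hashed = {field for _, field, _, _ in parse_known_hosts(text) if field.startswith(HASH_MAGIC)}
    found = {}
    for cand in candidates:
        for field in hashed:
            if field not in found and hashed_field_matches(field, cand):
                found[field] = cand
    return found


def demo() -> set:
    """Hash the sample, check lookups, then recover the plain IPs by guessing two /24s."""
    hashed = hash_known_hosts(SAMPLE_KNOWN_HOSTS)
    assert find_host(hashed, "192.0.2.10")[0][0] == "ssh-ed25519"
    assert find_host(hashed, "[203.0.113.5]:2222")[0][0] == "ssh-rsa"
    guesses = [str(ip) for net in ("192.0.2.0/24", "203.0.113.0/24")
               for ip in ipaddress.ip_network(net)]
    return set(recover_hosts(hashed, guesses).values())


if __name__ == "__main__":
    print(demo())
```

Running demo() recovers both bare addresses from 512 guesses; only the bracketed non-default-port entry survives, and only because its port was not in the candidate list. Hashing is still worth having on by default, since it stops the one-glance disclosure the report describes, but it is not a secret-keeping control against an attacker willing to enumerate.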
