On Tue, May 20, 2008 at 2:05 PM, David Rosenstrauch <darose@xxxxxxxxxx> wrote: > Just on a whim, I decided to try out the Debian tool to scan for weak keys > resulting from the recent openssl security hole. And lo and behold, it > found 2 weak keys in my known_hosts file! > > Problem is, though, since Arch recently turned on HashKnownHosts by default > in ssh_config, those 2 lines in the known_hosts file are encrypted, and so I > don't know which host machines that I've been ssh'ing into are affected by > the problem. > > Anyone know if there's any way to decrypt the hashes created by the > HashKnownHosts setting? I think the whole point is that they *are* one way hashes. The only think I can think of is to find the algorithm they use (sha1?) and hash the hostnames that you know, then compare. Alternatively, just remove those two and if you get the "(yes/no)" prompt you know that's the host 8)
