On Wed, May 21, 2008 at 9:50 AM, Dimitrios Apostolou <jimis@xxxxxxx> wrote: > Hi, > > Was this change forwarded to the OpenSSH developers? I am sure that if > it is indeed better security-wise to hash the known_hosts file, they > would change the default configuration upstream. I'm also sure that they > would give very good reasons for not wanting to do so. It's not a patch, it's a config file setting that we switched from "off" to "on"