Re: Any way to decrypt hashes set by ssh HashKnownHosts?




On 5/21/08, Thomas Bächler <thomas@xxxxxxxxxxxxx> wrote:
>  The point is, without any notice, we provided a different configuration
> file than the upstream configuration file. That's not how we do it, we
> always provide the upstream configuration file.

Wrong. We provide 'sane defaults'. I consider security to be sane. I
guess you don't. That is fine, for you.

>  If someone thinks that having unhashed known_hosts is a security problem,
> then he/she can change this configuration option on his/her system, that is
> how Arch works.

If someone thinks that having unhashed known_hosts isn't a security
problem, then he/she can change this configuration option on his/her
system. That is how Arch works.

See what I did there?

> But now that hashed known_hosts silently became the default,
> I cannot revert back.

Sure you can.
1. copy the known hosts file to a backup location.
2. Change the option (set it in your .ssh/config. This file overrides
the defaults if you were not aware), and remove the known_hosts file.
3. Connect to hosts. When an entry is made, do a hash compare if you
are concerned that the remote keyprint might have changed (ssh-keygen
can output a known_hosts hash for a non hashed known hosts file).

Also.. fyi..
knownhosts hashing option does not automagically convert an unhashed
known_hosts file. It would simply add hashed elements to the file,
resulting in a mix of hashed and non hashed. You would have had to run
ssh-keygen on the known_hosts file to get a full conversion.

So if all you have are hashed files, then you must have at some point:
- done a reinstall
- nuked the file and rebuilt it
- converted it manually yourself
- never actually cared about the change until you were slightly inconvenienced.
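
Added example, not part of the original message: a small Python audit of a mixed known_hosts file like the one described above, counting hashed and plain entries and finding the line for a host you already know by name. It relies on OpenSSH's hashed field format, `|1|base64(salt)|base64(HMAC-SHA1(salt, hostname))`; the function names, sample host names and key strings are constructed for illustration.

```python
import base64
import hashlib
import hmac

HASH_MAGIC = "|1|"  # prefix OpenSSH uses for hashed host fields

def hash_host(hostname: str, salt: bytes) -> str:
    """Build a hashed host field: |1|b64(salt)|b64(HMAC-SHA1(salt, hostname))."""
    mac = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return HASH_MAGIC + base64.b64encode(salt).decode() + "|" + base64.b64encode(mac).decode()

def host_matches(field: str, hostname: str) -> bool:
    """True if one host field (hashed or plain) names `hostname`."""
    if field.startswith(HASH_MAGIC):
        try:
            salt_b64, mac_b64 = field[len(HASH_MAGIC):].split("|")
            salt = base64.b64decode(salt_b64, validate=True)
            want = base64.b64decode(mac_b64, validate=True)
        except ValueError:
            return False  # malformed hashed field
        got = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(got, want)
    # Plain field: comma-separated names (wildcard patterns are not handled here).
    return hostname in field.split(",")

def audit(text: str, hostname: str) -> dict:
    """Count hashed vs plain entries and collect the lines matching `hostname`."""
    report = {"hashed": 0, "plain": 0, "matches": []}
    for lineno, line in enumerate(text.splitlines(), 1):
        parts = line.split()
        if not parts or parts[0].startswith("#"):
            continue
        if parts[0].startswith("@"):  # @cert-authority / @revoked marker
            parts = parts[1:]
        if len(parts) < 3:
            continue
        report["hashed" if parts[0].startswith(HASH_MAGIC) else "plain"] += 1
        if host_matches(parts[0], hostname):
            report["matches"].append((lineno, parts[1], parts[2]))
    return report

# Constructed sample: one plain entry and one hashed entry in the same file.
SAMPLE = "\n".join([
    "old.example.org,192.0.2.10 ssh-ed25519 CONSTRUCTED_KEY_A",
    hash_host("new.example.org", b"constructed-salt-20b") + " ssh-ed25519 CONSTRUCTED_KEY_B",
])

if __name__ == "__main__":
    print(audit(SAMPLE, "new.example.org"))
```

A host on a non-standard port is stored as `[host]:port`, so pass the name in that form when looking one up.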
