Re: Human readable .ssh/known_hosts?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Tue, 29 Sep 2020, Nico Kadel-Garcia wrote:

> As I understand this option, it does not help at all with the nearly
> inevitable re-use of the same IP address for a different host with a
> different hostkey in, for example, a modest DHCP based environment.
> Such environments are common both in smaller, private networks and in
> large public networks, and it's perhaps startlingly common in cloud
> environments: it's one of the reasons I'm so willing to disable
> $HOME/.ssh/known_hosts.

Again, you should read the documentation for CheckHostIP. Turing it off
makes known_hosts solely bind to hostnames and, as long as you use names
to refer to hosts, avoids any problems caused by IP address reuse.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux