Re: SSH Option files using hashes instead of hostnames?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, Jun 27, 2010 at 05:08:14PM -0400, Dan Mahoney, System Admin wrote:
> SSH allows the option of hashing the known-hosts file in order to prevent 
> people who get access to your account being able to jump other places.  Is 
> is not conceivable that they'd want the same option with their options 
> file?

It doesn't make sense.  The point of a hash (at least in this context)
is that you cannot reverse it to get the original data back.  When ssh is
connecting to a host, it has the hostname available, because you typed
it on the command line.  It can hash the hostname, and then look up the
hash in the known_hosts file.

This doesn't apply to options.  The ssh client would have to have the
option already, so it could hash it and look for the hash in the file,
to see whether it should have the option.  As I said, it's nonsense.


[Index of Archives]     [Open SSH Unix Development]     [Fedora Users]     [Fedora Desktop]     [Yosemite Backpacking]     [KDE Users]     [Gnome Users]

  Powered by Linux