Re: SSH Option files using hashes instead of hostnames?



On Sun, Jun 27, 2010 at 05:08:14PM -0400, Dan Mahoney, System Admin wrote:
SSH allows the option of hashing the known-hosts file in order to prevent
people who get access to your account being able to jump other places. Is
is not conceivable that they'd want the same option with their options
file?

It doesn't make sense. The point of a hash (at least in this context)
is that you cannot reverse it to get the original data back. When ssh is
connecting to a host, it has the hostname available, because you typed
it on the command line. It can hash the hostname, and then look up the
hash in the known_hosts file.

This doesn't apply to options. The ssh client would have to have the
option already, so it could hash it and look for the hash in the file,
to see whether it should have the option. As I said, it's nonsense.



Relevant Pages

  • Re: SSH Option files using hashes instead of hostnames?
    ... people who get access to your account being able to jump other places. ... It can hash the hostname, ... Host slowpoke ...
    (SSH)
  • Re: dhcp hostname
    ... Hash: RIPEMD160 ... Carl Karsten schrieb am 07.03.2006 01:33: ... that would have to be updated if the hostname gets updated. ... Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org ...
    (Ubuntu)
  • RE: Hash Issue or Understanding
    ... Subject: Hash Issue or Understanding ... >hostname, IP addrress, OS, Version, Release, Server Type, Model, Memory ...
    (perl.beginners)
  • Re: DBI v2 - The Plan and How You Can Help
    ... If this is a complex data type like a hash, ... databases which know about hostname, port, usename and password, he will ... He will never anticipate that Informix (as Jonathan explained at ... port, so his application won't be able to connect to Informix. ...
    (perl.dbi.users)
  • Re: BSDstats Project v2.0 ...
    ... Then have an MD5 hash of `hostname` (hashing the full ... (this machine has two ethernet cards in it, and no, ... That way you can pick some algorithm which should ...
    (freebsd-questions)