Martin McCormick wrote:
I recently needed to clear out some old entries from the
.ssh/known_hosts file on a Debian system and discovered that I
couldn't tell which system key was which because they were all
type rsa keys instead of the type DSA keys which do contain a
field with either the host name or its IP address.
Is there a way in Linux to make ssh get the type DSA host keys?
I presently see the following message when adding a new host to
known_hosts:
Warning: Permanently added 'remote.host.okstate.edu,192.168.8.9' (RSA)
to the list of known hosts.
When a FreeBSD system connects to a Debian host as an
example, it automatically knows to add the dsa host key.
This is no show stopper by any means, but why is this
happening? Thanks.
Not dependant on RSA vs DSA, but the value HashKnownHosts in
/etc/ssh/ssh_config
man ssh_config
HashKnownHosts
Indicates that ssh(1) should hash host names and addresses when they are
added to ~/.ssh/known_hosts. These hashed names may be used normally by
ssh(1) and sshd(8), but they do not reveal identifying information
should the file's contents be disclosed. The default is ``no''. Note
that existing names and addresses in known hosts files will not be
converted automatically, but may be manually hashed using ssh-keygen(1).
HTH,
--
Jim Barnes
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org