Hi Damien/all,
Since github etc use a potentially large number of IP addresses (albeit with a
small number of keys), I'd like more granular oversight over their entries
in my known_hosts.
Eg, here is a simplified stanza from my current ssh config:
Host github gitlab
User git
Hostname %h.com
UserKnownHostsFile ~/.ssh/known_hosts.d/git
There doesn't seem to be a good way to filter only certain hosts from that
UserKnownHostsFile. When looking to remove outdated entries, I'd like to be
able to tell which IP addresses and keys belonged to, say, GitHub -- at any time
in the past.
I wondered if you would be willing to add a feature where we can shape the
UserKnownHostsFile using tokens, similar to AuthorizedKeysFile for sshd config?
My new config taking advantage of this feature could look like the following:
Host github gitlab
User git
Hostname %h.com
UserKnownHostsFile ~/.ssh/known_hosts.d/%h
I know I could split out UserKnownHosts to go under a sequence of individual
Hosts entries, but that seems inelegant when I'm already combining multiple
hosts due to their similar configs.
Sorry if in fact it's already possible somehow. I didn't see anything in
`man ssh_config` or via a web search.
Cheers,
A