Displaying 1 result from an estimated 1 matches for "obscureknownhostnam".
Did you mean:
obscureknownhostnames
2024 Jun 24
0
[Bug 3703] New: HashKnownHost deprecation
...ss obscurity
measure, and the most it can ever offer is protection against casual
shoulder-surfing disclosure[*]
I wish I never added it. I consider it the most stupid thing I've ever
done to OpenSSH :(
As far as what a concrete migration plan would look like, maybe
something
like:
1) Add an ObscureKnownHostnames option that, instead of hashing, simply
base64-encodes the hostnames. This provides the same level of
protection as the current option. Recommend this instead of
HashKnownHosts in the manual.
2) (later) Add a deprecation warning to HashKnownHosts
3) (later still) Remove the HashKnownHo...