[Bug 2560] sshd: Description of hashed known_hosts file does not make sense and format is outdated
bugzilla-daemon at bugzilla.mindrot.org
Fri Apr 8 14:31:53 AEST 2016
https://bugzilla.mindrot.org/show_bug.cgi?id=2560
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
(In reply to Jakub Jelen from comment #0)
> Manual page for sshd states:
>
> Alternately, hostnames may be stored in a hashed form which hides
> host names and addresses should the file's contents be disclosed.
>
> The ending part "should the file's contents be disclosed" does not
> fit into the sentence and I am not sure what is meant by that.
>
> It has been there for a long time, since
> e1776155d19db4f3ab2ff42323d6499f0712cfa4
It's saying that if someone gets a hold ("be disclosed") of your
known_hosts file then the host name/address will still have some
privacy. AFAIK it's grammatical, but I'm open to a better wording.
> Also the format, described as:
>
> Each line in these files contains the following fields: markers
> (optional),
> hostnames, bits, exponent, modulus, comment.
>
> is outdated (describes RSA1 keys). In the current situation the part
> "bits, exponent, modulus" is substituted by "keytype, base64-encoded
> key" as described for example in authorized_keys section.
How about:
-hostnames, bits, exponent, modulus, comment.
+hostnames, key type, key content (base-64 encoded), comment.
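Review bot: On the added line, "key type" and "key content (base-64 encoded)" are spelled differently from the "keytype, base64-encoded key" wording that comment #0 cites from the authorized_keys section. Using the same terms in both sections would keep the manual page consistent, for example "hostnames, keytype, base64-encoded key, comment."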
We're taking the habit of referring to SSH protocol 2 features only in
anticipation of a future removal of SSH 1 code in a few years.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
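The line layout proposed in the comment above and the hashed hostname form, as an added example (not part of the original mail and not OpenSSH code): it splits known_hosts lines into marker, hostnames, key type, key and comment, and checks a candidate name against a hashed field, which OpenSSH writes as `|1|salt|HMAC-SHA1(salt, hostname)` with both parts base64-encoded. The sample entries, the key blob and all function names are constructed for illustration, and only exact host names are matched.

```python
import base64
import hashlib
import hmac
import os

def hash_host(host, salt=None):
    """Hashed hostnames field: |1|base64(salt)|base64(HMAC-SHA1(key=salt, msg=host))."""
    salt = os.urandom(20) if salt is None else salt
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def parse_line(line):
    """Split a line into marker (optional), hostnames, key type, key, comment."""
    parts = line.split()
    if not parts or parts[0].startswith("#"):
        return None  # blank line or comment
    marker = parts.pop(0) if parts[0].startswith("@") else None
    if len(parts) < 3:
        raise ValueError("expected hostnames, key type and key: %r" % line)
    return {"marker": marker, "hostnames": parts[0], "keytype": parts[1],
            "key": parts[2], "comment": " ".join(parts[3:])}

def host_matches(field, host):
    """True if host is named by a hostnames field, hashed or plain."""
    if field.startswith("|1|"):
        salt_b64, mac_b64 = field[3:].split("|", 1)
        mac = hmac.new(base64.b64decode(salt_b64), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    # Simplification (assumption of this example): exact names only,
    # no wildcard or negated patterns.
    return host in field.split(",")

def find_host(lines, host):
    """Return the parsed entries whose hostnames field matches host."""
    entries = [e for e in map(parse_line, lines) if e is not None]
    return [e for e in entries if host_matches(e["hostnames"], host)]

# Constructed sample data: the key blob and host names are placeholders.
FAKE_KEY = base64.b64encode(b"constructed sample, not a real key").decode()
SAMPLE = [
    "# constructed sample entries",
    "build.example.org,192.0.2.10 ssh-ed25519 %s build box" % FAKE_KEY,
    "%s ssh-ed25519 %s" % (hash_host("git.example.org", b"\x00" * 20), FAKE_KEY),
    "@revoked old.example.org ssh-rsa %s" % FAKE_KEY,
]

if __name__ == "__main__":
    for name in ("git.example.org", "192.0.2.10", "other.example.org"):
        print(name, [e["keytype"] for e in find_host(SAMPLE, name)])
```

The hashed entry contains no readable host name, yet a reader who already knows the name can still confirm it, which is the limited privacy the manual page sentence describes.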