[Bug 3703] New: HashKnownHost deprecation

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Jun 24 20:40:46 AEST 2024


https://bugzilla.mindrot.org/show_bug.cgi?id=3703

            Bug ID: 3703
           Summary: HashKnownHost deprecation
           Product: Portable OpenSSH
           Version: 9.4p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: dbelyavs at redhat.com

A probable HashKnownHosts deprecation was discussed in
https://lists.mindrot.org/pipermail/openssh-unix-dev/2022-January/039871.html

Damien proposed the following road map back then:
=======
I'd prefer to remove hostname hashing. It's a pointless obscurity
measure, and the most it can ever offer is protection against casual
shoulder-surfing disclosure[*]

I wish I never added it. I consider it the most stupid thing I've ever
done to OpenSSH :(

As far as what a concrete migration plan would look like, maybe something
like:

1) Add an ObscureKnownHostnames option that, instead of hashing, simply
   base64-encodes the hostnames. This provides the same level of
   protection as the current option. Recommend this instead of
   HashKnownHosts in the manual.

2) (later) Add a deprecation warning to HashKnownHosts

3) (later still) Remove the HashKnownHosts option (or make it an alias
   to ObscureKnownHostnames)

4) (later again) Warn when known_hosts contains a hashed hostname

5) (finally) rip out the hostname hashing code entirely.

-d
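The following is an added illustration, not OpenSSH code and not part of the bug report. It reimplements the hostname field that HashKnownHosts writes into known_hosts ("|1|base64 salt|base64 HMAC-SHA1(salt, hostname)", one name per line), the matching check ssh performs on lookup, and a dictionary attack showing why the hashing only hides names from someone glancing at the file: the salt is stored next to the hash, so anyone holding the file can test candidate hostnames at the cost of one HMAC each. It also sketches the plain base64 encoding from the road map above; the "|b64|" prefix, the function names and the sample line are assumptions of this example, since no ObscureKnownHostnames format exists in OpenSSH.

```python
"""Added example: HashKnownHosts-style hostname hashing, lookup, dictionary
recovery, and the hypothetical base64 "obscure" encoding. Not OpenSSH code."""
import base64
import hashlib
import hmac
import os
from typing import Iterable, Optional

HASH_MAGIC = "1"  # version marker in "|1|salt|hash"; HMAC-SHA1 with a 20-byte salt


def hash_known_host(hostname: str, salt: Optional[bytes] = None) -> str:
    """Return the hostname field ssh writes when HashKnownHosts=yes:
    "|1|<base64 salt>|<base64 HMAC-SHA1(key=salt, msg=hostname)>".
    A fresh random salt of SHA-1 digest length is drawn unless one is given."""
    if salt is None:
        salt = os.urandom(hashlib.sha1().digest_size)
    mac = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return "|{}|{}|{}".format(HASH_MAGIC,
                              base64.b64encode(salt).decode(),
                              base64.b64encode(mac).decode())


def is_hashed(field: str) -> bool:
    """True for a "|1|...|..." hostname field."""
    return field.startswith("|" + HASH_MAGIC + "|")


def hashed_field_matches(field: str, hostname: str) -> bool:
    """The lookup ssh does: re-derive the HMAC with the stored salt and compare."""
    parts = field.split("|")
    if len(parts) != 4 or parts[0] != "" or parts[1] != HASH_MAGIC:
        raise ValueError("not a |1|salt|hash field: %r" % field)
    salt = base64.b64decode(parts[2])
    stored = base64.b64decode(parts[3])
    mac = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return hmac.compare_digest(mac, stored)


def recover_hashed_hostname(field: str, candidates: Iterable[str]) -> Optional[str]:
    """Dictionary attack on one hashed field. Because the salt is in the file,
    each guess costs one HMAC-SHA1; returns the first matching candidate or None."""
    for cand in candidates:
        if hashed_field_matches(field, cand):
            return cand
    return None


# Hypothetical ObscureKnownHostnames encoding from the road map: plain base64.
# The "|b64|" marker is an assumption of this example, chosen so the field
# cannot be confused with a literal hostname or with a "|1|" hashed field.
OBSCURE_PREFIX = "|b64|"


def obscure_known_host(hostname: str) -> str:
    """Reversible encoding: hides the name from a casual reader, nothing more."""
    return OBSCURE_PREFIX + base64.b64encode(hostname.encode()).decode()


def unobscure_known_host(field: str) -> str:
    """Inverse of obscure_known_host; no salt, no guessing needed."""
    if not field.startswith(OBSCURE_PREFIX):
        raise ValueError("not an obscured field: %r" % field)
    return base64.b64decode(field[len(OBSCURE_PREFIX):]).decode()


def parse_known_hosts_line(line: str):
    """Split one known_hosts line into (hostname field, key type, key, comment).
    Leading "@cert-authority" / "@revoked" markers are not handled here."""
    parts = line.strip().split(None, 3)
    if len(parts) < 3:
        raise ValueError("malformed known_hosts line: %r" % line)
    comment = parts[3] if len(parts) == 4 else ""
    return parts[0], parts[1], parts[2], comment


if __name__ == "__main__":
    # Constructed sample line; the key material is a placeholder, not a real key.
    salt = bytes(range(20))
    line = hash_known_host("git.example.test", salt) + " ssh-ed25519 AAAA-placeholder-key"
    field, keytype, _key, _comment = parse_known_hosts_line(line)
    print("hashed field:", field, keytype)
    print("lookup of git.example.test:", hashed_field_matches(field, "git.example.test"))
    wordlist = ["bastion.example.test", "git.example.test", "build.example.test"]
    print("recovered from wordlist:", recover_hashed_hostname(field, wordlist))
    print("obscured form:", obscure_known_host("git.example.test"))
```

Running the script shows the hashed field being resolved from a three-entry wordlist as quickly as the base64 field is decoded; the difference between the two is only whether the reader needs a guess list.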
