HashKnownHosts vs @cert-authority

Harald Dunkel harald.dunkel at aixigo.de
Sat Dec 10 01:38:06 AEDT 2016

Previous message (by thread): [PATCH] don't always emit '.ssh' create error
Next message (by thread): HashKnownHosts vs @cert-authority
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi folks,

maybe I am too blind to see, but would it be possible to
avoid extra entries in known_hosts, if the remote host
has a signed public key matching a @cert-authority line?
Something like

	Host *
		HashKnownHosts unsigned

This could help to keep the known_hosts file small and
yet get all the unsigned public keys in.


Just a suggestion, of course. Regards
Harri

Previous message (by thread): [PATCH] don't always emit '.ssh' create error
Next message (by thread): HashKnownHosts vs @cert-authority
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the openssh-unix-dev mailing list