On Tue, Jun 16, 2009 at 11:46 PM, prad<prad@towardsfreedom.com> wrote:
On Tue, 16 Jun 2009 19:49:24 -0500 Dan McGee <dpmcgee@gmail.com> wrote:
which also autocomplete without having to remove the "security" of host name hashing
dan, i tried that too last night, but forgot to wipeout the known_hosts file.
what exactly is the benefit of host name hashing? is it to prevent other users from knowing what's in known_hosts as far as names of the other computers go?
even if they do know, what can they do without having an account?
or is my reasoning too simplistic?
Knowing your known_hosts, if someone hacks one account they, in essence, hack all of them - assuming you have ssh keys setup (or use the same password everywhere), they now have a list of where your key works