On Wed, May 21, 2008 at 4:50 PM, Dimitrios Apostolou <jimis@gmx.net> wrote:
Hi,
Was this change forwarded to the OpenSSH developers? I am sure that if it is indeed better security-wise to hash the known_hosts file, they would change the default configuration upstream. I'm also sure that they would give very good reasons for not wanting to do so.
So I just went googling about this stuff. I saw this option got enabled years ago on Debian, and after that a few users complained about that change, but without any real reasons. (So a bit like what is happening here now :)) Anyway, there was a huge thread on the Debian mailing list; I finally found one mail which partially answers your question: http://lists.debian.org/debian-devel/2005/07/msg00041.html