Hi, Was this change forwarded to the OpenSSH developers? I am sure that if it is indeed better security-wise to hash the known_hosts file, they would change the default configuration upstream. I'm also sure that they would give very good reasons for not wanting to do so. Thanks, Dimitris