[arch-general] Any way to decrypt hashes set by ssh HashKnownHosts?

Dimitrios Apostolou jimis at gmx.net
Wed May 21 16:52:10 EDT 2008 

On Wed, 2008-05-21 at 17:44 +0200, Xavier wrote:
> On Wed, May 21, 2008 at 4:50 PM, Dimitrios Apostolou <jimis at gmx.net> wrote:
> > Hi,
> >
> > Was this change forwarded to the OpenSSH developers? I am sure that if
> > it is indeed better security-wise to hash the known_hosts file, they
> > would change the default configuration upstream. I'm also sure that they
> > would give very good reasons for not wanting to do so.
> >
> >
> 
> So I just went googling about this stuff. I saw this option got
> enabled years ago on Debian, and after that a few users complained
> about that change, but without any real reasons. (so a bit like what
> is happening here now :))
> Anyway, there was a huge thread on debian mailing list, I finally
> found one mail which partially answers your question :
> http://lists.debian.org/debian-devel/2005/07/msg00041.html

Thanks but I had read that before posting, as I had also been reading
the openssh source code to understand how known_hosts matching is being
performed. I have also read the same answer in 2005 on the openssh-dev
ML, "it will probably be the default really soon". Still it is 2008 and
it is not the default, that's why I asked what I asked. Why isn't it the
default in OpenSSH? 

I have some fears that it *might* be a security threat to have a hashed
known_hosts file, however I didn't want to say it publicly since I'm not
sure at all. The fact that fears me is that by hashing the known_hosts
file information is lost, in particular the information that binds the
IP address to the hostname. With unhashed known_hosts they are both
recorded on the same line. With hashed known_hosts each one is
independently recorded on different lines. I am only speculating here, I
haven't fully understood how openssh does its checks.

We should be careful about *security* choices we make. Especially these
choices should be made on vast community majority, not on the personal
decision of a package maintainer. I am talking about general arch policy
here, I have tried to raise discussion on other security issues too but
got the feeling of being ignored by the devs, and that discuss on their
private list and mostly announce here. 

Lastly, FYI I don't consider debian an example of good security policy.
They keep changing things to satisfy their project's bugzilla but they
keep being bitten by the fact that upstream doesn't always agree with
them.


Dimitris

More information about the arch-general mailing list