[arch-general] bash remote host completion gone
Aaron Griffin
aaronmgriffin at gmail.com
Wed Jun 17 01:12:02 EDT 2009
On Tue, Jun 16, 2009 at 11:46 PM, prad<prad at towardsfreedom.com> wrote:
> On Tue, 16 Jun 2009 19:49:24 -0500
> Dan McGee <dpmcgee at gmail.com> wrote:
>
>> which also autocomplete
>> without having to remove the "security" of host name hashing
>>
> dan,
> i tried that too last night, but forgot to wipeout the known_hosts file.
>
> what exactly is the benefit of host name hashing? is it to prevent
> other users from knowing what's in known_hosts as far as names of the
> other computers go?
>
> even if they do know, what can they do without having an account?
>
> or is my reasoning too simplistic?
Knowing your known_hosts, if someone hacks one account they, in
essence, hack all of them - assuming you have ssh keys setup (or use
the same password everywhere), they now have a list of where your key
works
More information about the arch-general
mailing list