About
The known_hosts file is a client-side file that:
- lists all known remote hosts together with their public keys
- is used by the ssh client to verify the identity of a remote host via public key authentication
Format
hostname algo public_key
hostname,ip algo public_key
where:
- algo public_key is the host's public key, preceded by its algorithm
Management
Add a host
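ssh-keyscan server-ip >> ~/.ssh/known_hosts
ssh-keyscan does not authenticate the keys it collects, so compare their fingerprints with values obtained from a trusted source before relying on the new entries.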
Example
192.168.1.20 ecdsa-sha2-nistp256 public_key
gerardnico.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABA............
- from the sshd manual page:
# Comments allowed at start of line
closenet,...,192.0.2.53 1024 37 159...93 closenet.example.net
cvs.example.net,192.0.2.10 ssh-rsa AAAA1234.....=
# A hashed hostname
|1|JfKTdBh7rNbXkVAQCRp4OQoPfmI=|USECr3SWf1JUPsms5AqfD5QfxkM= ssh-rsa AAAA1234.....=
# A revoked key
@revoked * ssh-rsa AAAAB5W...
# A CA key, accepted for any host in *.mydomain.com or *.mydomain.org
@cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W...
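The entry types listed above (plain host lists, hashed hostnames, @revoked and @cert-authority markers) can be matched against a hostname as in the following added example, which is not part of the original page or of OpenSSH. The function names, the fixed salt and the key strings are constructed placeholders. The hashed form is HMAC-SHA1 of the hostname keyed with the salt, as OpenSSH writes it when hostname hashing is enabled.

```python
import base64, hashlib, hmac, re

def hash_host(host, salt):
    """Build a hashed-host token: |1|b64(salt)|b64(HMAC-SHA1(key=salt, msg=host))."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def host_matches(field, host):
    """True if `host` matches the first (hosts) field of a known_hosts line."""
    if field.startswith("|1|"):                # hashed entry: exactly one host
        _, _, salt_b64, mac_b64 = field.split("|")
        mac = hmac.new(base64.b64decode(salt_b64), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    matched = False
    for pat in field.split(","):               # comma-separated patterns, * and ? wildcards
        negated = pat.startswith("!")
        body = pat[1:] if negated else pat
        rx = re.escape(body).replace(r"\*", ".*").replace(r"\?", ".")
        if re.fullmatch(rx, host):
            if negated:
                return False                   # a negated match vetoes the whole line
            matched = True
    return matched

def lookup(text, host):
    """Return (marker, key_type, key) for every line that applies to `host`."""
    hits = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):   # blank lines and comments are skipped
            continue
        parts = line.split()
        marker = parts.pop(0) if parts[0].startswith("@") else None
        if len(parts) >= 3 and host_matches(parts[0], host):
            hits.append((marker, parts[1], parts[2]))
    return hits

# Constructed sample: keys are placeholders, the salt is fixed instead of random.
SAMPLE = "\n".join([
    "# Comments allowed at start of line",
    "cvs.example.net,192.0.2.10 ssh-rsa AAAAexampleKey1",
    hash_host("build.example.net", b"constructed-salt-20b") + " ssh-ed25519 AAAAexampleKey2",
    "@revoked * ssh-rsa AAAAexampleKey3",
    "@cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAexampleKey4",
])

if __name__ == "__main__":
    for h in ("192.0.2.10", "build.example.net", "db.mydomain.com"):
        print(h, lookup(SAMPLE, h))
```

A hashed line cannot be read back to a hostname. It can only be tested against a candidate name, which is why the lookup recomputes the HMAC for the host being checked.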
Location
home\.ssh\known_hosts
The location of the known_hosts files is set in your client configuration.
Windows
That is:
- User: C:\Users\login\.ssh\known_hosts
- System: C:\Windows\System32\config\systemprofile\.ssh\known_hosts
Linux
For OpenSSH
ssh -G host | grep hostsfile
# example: ssh -G user@host | grep hostsfile
globalknownhostsfile /etc/ssh/ssh_known_hosts /etc/ssh/ssh_known_hosts2
userknownhostsfile ~/.ssh/known_hosts ~/.ssh/known_hosts2