Fedora's ssh known hosts file

Stephen John Smoogen smooge at gmail.com
Tue Aug 10 15:07:21 UTC 2010


On Sun, Aug 8, 2010 at 14:04, Matt McCutchen <matt at mattmccutchen.net> wrote:
> On Thu, 2010-08-05 at 22:23 +0200, Till Maas wrote:
>> Yes ssh is secure if used properly. To get the proper known_hosts entry,
>> one has to download https://admin.fedoraproject.org/ssh_known_hosts btw.
>
> I'm very glad to see that Fedora provides such a list.  I just installed
> it on my computer (after filtering out hostnames not ending with
> fedoraproject.org, for obvious reasons).
>
> Is it documented anywhere?  For full security, every packager should
> install it rather than allowing ssh to add host keys on first use.

Well I am not sure that file would be all that useful as it contains
lots of hosts a packager would not get to AND could conflict with
other networks as it contains a lot of 10.X.X. and 192.X.X. ips. It
also gets updated from time to time as we rebuild hosts.

> --
> Matt
>
> --
> devel mailing list
> devel at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
>



-- 
Stephen J Smoogen.
“The core skill of innovators is error recovery, not failure avoidance.”
Randy Nelson, President of Pixar University.
"We have a strategic plan. It's called doing things.""
— Herb Kelleher, founder Southwest Airlines


More information about the devel mailing list