For a while, I’ve been using a little trick that I found on the zsh wiki (CompletionExamples) to automatically turn my known_hosts file into a set of host names. Unfortunately, the latest Ubuntu upgrade has turned on a new feature of OpenSSH, HashKnownHosts (detailed in ssh_config(5)). This breaks the parsing because the hostnames are no longer stored in readable form in the known_hosts file; each one is replaced by a hash.
The simple workaround, in my case, was to stick HashKnownHosts no into /etc/ssh/ssh_config. And now everything’s back to normal.
Update: As Aristotle points out below, this is definitely a trade-off of security vs convenience. Don’t do it if you’re not happy with the consequences.
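To make the breakage concrete, here is an added example (not part of the original post) of how a hashed known_hosts host field is built and matched: the field is `|1|salt|HMAC-SHA1(salt, hostname)`, so a parser cannot list names from it, but a name you already have can still be checked, which is the lookup `ssh-keygen -F` performs. The function names, the sample entries and the fixed salt are constructed for illustration.

```python
import base64
import hashlib
import hmac

HASH_MAGIC = "|1|"  # prefix OpenSSH writes in front of a hashed host field

def hash_host(host, salt):
    """Hashed host field: |1|base64(salt)|base64(HMAC-SHA1(key=salt, msg=host))."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return HASH_MAGIC + base64.b64encode(salt).decode() + "|" + base64.b64encode(mac).decode()

def field_matches(field, host):
    """True if one host field (plain list or hashed) names `host` exactly."""
    if not field.startswith(HASH_MAGIC):
        return host in field.split(",")  # wildcard patterns are not expanded here
    try:
        salt_b64, mac_b64 = field[len(HASH_MAGIC):].split("|")
        salt = base64.b64decode(salt_b64, validate=True)
        stored = base64.b64decode(mac_b64, validate=True)
    except ValueError:  # wrong field count or invalid base64
        return False
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return hmac.compare_digest(mac, stored)

def summarize(text, candidates):
    """Return (names readable from the file, candidates confirmed by any entry)."""
    readable, confirmed = set(), set()
    for line in text.splitlines():
        parts = line.split()
        if parts and parts[0].startswith("@"):  # @cert-authority / @revoked marker
            parts = parts[1:]
        if not parts or parts[0].startswith("#"):
            continue
        field = parts[0]
        if not field.startswith(HASH_MAGIC):
            readable.update(field.split(","))
        confirmed.update(h for h in candidates if field_matches(field, h))
    return readable, confirmed

# Constructed sample: placeholder key blobs, fixed salt (OpenSSH uses a random one).
SAMPLE = "\n".join([
    "plain.example.org,192.0.2.10 ssh-ed25519 AAAA_PLACEHOLDER",
    hash_host("hidden.example.org", bytes(range(20))) + " ssh-ed25519 AAAA_PLACEHOLDER",
])

if __name__ == "__main__":
    print(summarize(SAMPLE, ["hidden.example.org", "other.example.org"]))
```

For completion, this means the host list has to come from somewhere other than the hashed file, such as the Host entries in your own ssh config.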
2 replies on “OpenSSH & zsh misfeature”
You understand why this was implemented, right? It’s so if a cracker breaks into a system, he cannot mine the known_hosts files on it to discover additional targets. Turn it off only if you know the implications.
I’m aware of why it’s like that. It’s just very inconvenient from my day-to-day usability. I’m aware that I’m making a trade-off of security vs convenience. I shall point that out.