[nycbug-talk] Analyzing malicious SSH login attempts

Okan Demirmen okan at demirmen.com
Wed Sep 13 10:37:17 EDT 2006


On Tue 2006.09.12 at 13:24 -0400, George Georgalis wrote:
> There was some resolution (at openbsd I think) to encrypt
> the known_hosts entries with the remote host public key;
> so if your authentication was compromised, at least there
> wouldn't be a list a hosts for the attacker to look up.
> But I've not seen it in my OS yet.

man ssh_config - see HashKnownHosts



More information about the talk mailing list