by simonmysun 683 days ago
I would rather require a tool to manage host keys. I really wish to write them along with the host configs in my `~/.ssh/config` instead of `known_hosts`. Additionally, I think other host keys, e.g. from GitHub, should be delivered in a better way. For example, on Arch Linux I would prefer getting them from the package manager instead of being prompted during connection. Unfortunately host keys can only be written in `known_hosts`, and `known_hosts` does not support importing or other methods to separate them into different files.

EDIT: I was wrong. See comments.

Does anyone have any suggestions?

3 comments

You can specify multiple files using either `GlobalKnownHostsFile` or `UserKnownHostsFile` options. Plus you can specify a command that will return host keys. See this entry in `man ssh_config`:

     KnownHostsCommand
             Specifies a command to use to obtain a list of host keys, [...]
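
An added example (not part of the comment above, and not OpenSSH's own code) of a helper that `KnownHostsCommand` could run: it prints the matching lines from per-host files in a directory and skips any file that group or others can write. The `~/.ssh/known_hosts.d` layout, the helper path and the `KNOWN_HOSTS_DIR` variable are assumptions.

```shell
#!/bin/sh
# Helper for ssh_config's KnownHostsCommand (added example).
# Assumed layout: known_hosts-format files, one per host or group, under
# ~/.ssh/known_hosts.d/ (e.g. a file "github.com", a file "work").
# Assumed ssh_config entry (%H is the known_hosts name being searched for):
#   Host *
#       KnownHostsCommand ~/.ssh/bin/known-hosts-dir %H

# emit_host_keys DIR HOST
# Print every key line in DIR/* that names HOST exactly.
# Limitation: hashed (|1|...) and wildcard host fields are not matched here.
emit_host_keys() {
    dir=$1
    host=$2
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        # A key file that group or others can write could be used to plant
        # a trusted key, so refuse to read it.
        if [ -n "$(find "$f" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
            echo "skipping $f: writable by group or others" >&2
            continue
        fi
        awk -v h="$host" '
            NF == 0 || $1 ~ /^#/ { next }            # blank lines, comments
            {
                # With a marker (@cert-authority, @revoked) names are field 2.
                names = ($1 ~ /^@/) ? $2 : $1
                n = split(names, a, ",")
                for (i = 1; i <= n; i++)
                    if (a[i] == h) { print; next }
            }' "$f"
    done
    return 0
}

# Run only when called with a host argument, as ssh would call it.
if [ "$#" -ge 1 ]; then
    emit_host_keys "${KNOWN_HOSTS_DIR:-$HOME/.ssh/known_hosts.d}" "$1"
fi
```
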
Wow I didn't know that. I will definitely try it! Thx!
There's GlobalKnownHostsFile and UserKnownHostsFile. The global known hosts file is usually stored in /etc/ssh; Linux distributions could store common SSH host keys in there.
Unfortunately, Arch Linux is not doing so. It is hard to define "common", though. I guess that's one of the reasons such a package does not exist.
DNS SSHFP records