我试图从文件开始更好地了解 SSH 的工作原理known_hosts。
如果我第一次通过 SSH 指定 Raspberry 的 IP 地址,~/.ssh/know_hosts在我同意启动连接后添加 1 行:
The authenticity of host '192.168.1.4 (192.168.1.4)' can't be established.
ECDSA key fingerprint is SHA256:sPgiqaOhfidX9e1eHeusZWYOiPISsdZGqtkipW11iXQ.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.4' (ECDSA) to the list of known hosts.
我可以检查 1 行是否已有效添加到文件中known_hosts(考虑到文件最初为空):
$ cat ~/.ssh/known_hosts | wc -l
1
但是,如果我尝试通过 RapsberryPi ( ) 的主机名启动连接,raspberrypi.local则会在文件中添加 2 行known_hosts:一行用于 IPv4,一行用于主机名。
$ ssh [email protected]
...
Warning: Permanently added 'raspberrypi.local,192.168.1.4' (ECDSA) to the list of known hosts.
$ cat ~/.ssh/known_hosts | wc -l
2
$ ssh-keygen -H -F raspberrypi.local
# Host raspberrypi.local found: line 1
|1|FO/BbuIwNdRi8udGiWxxKb1n/iw=|KX...
$ ssh-keygen -H -F 192.168.1.4
# Host 192.168.1.4 found: line 2
|1|/gHHOjRDGGd3ZyVVIOFKwuf3uKI=|rU...
我希望只添加一行,因为 192.168.1.4 和 rapsberrypi.local 是同一主机。基于主机标识符的多个条目有何必要?