“known_hosts”条目的不同部分代表什么含义？

Question 1

是|1|HASH_MAGIC，表明它是一个散列的 known_hosts 条目。

接下来的两个 base-64 编码字段（以分隔|）是随机生成的盐和主机的 SHA-1 哈希。

如果您使用的是旧版本的 OpenSSH，或者您已HashKnownHosts No在或 ~/.ssh/config` 中设置/etc/ssh/ssh_config，则条目不会被散列，并且看起来更像这样：

remotehostname,192.168.1.100 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdn...etc...

Answer

是|1|HASH_MAGIC，表明它是一个散列的 known_hosts 条目。

接下来的两个 base-64 编码字段（以分隔|）是随机生成的盐和主机的 SHA-1 哈希。

如果您使用的是旧版本的 OpenSSH，或者您已HashKnownHosts No在或 ~/.ssh/config` 中设置/etc/ssh/ssh_config，则条目不会被散列，并且看起来更像这样：

remotehostname,192.168.1.100 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdn...etc...

Question 2

从sshd(8)手册页中，SSH_KNOWN_HOSTS 文件格式部分：

 Each line in these files contains the following fields: markers
 (optional), hostnames, bits, exponent, modulus, comment.  The fields are
 separated by spaces.

...

 Alternately, hostnames may be stored in a hashed form which hides host
 names and addresses should the file’s contents be disclosed.  Hashed
 hostnames start with a ‘|’ character.  Only one hashed hostname may
 appear on a single line and none of the above negation or wildcard opera-
 tors may be applied.

Answer

从sshd(8)手册页中，SSH_KNOWN_HOSTS 文件格式部分：

 Each line in these files contains the following fields: markers
 (optional), hostnames, bits, exponent, modulus, comment.  The fields are
 separated by spaces.

...

 Alternately, hostnames may be stored in a hashed form which hides host
 names and addresses should the file’s contents be disclosed.  Hashed
 hostnames start with a ‘|’ character.  Only one hashed hostname may
 appear on a single line and none of the above negation or wildcard opera-
 tors may be applied.

“known_hosts”条目的不同部分代表什么含义？

答案1

答案2

相关内容