36

I'm speaking at a conference next week about some software tools I've created. My laptop will be shown on a projector screen during this presentation. The presentation will be videotaped and posted on youtube. If, for some reason, I have occasion to open and edit my ~/.ssh/known_hosts file during this presentation, should I disconnect the projector while doing so? Is there any security risk to disclosing my known_hosts file?

Matt Korostoff
  • Why not simply replace your actual `known_hosts` with a fake one during the presentation? – Sven Jul 11 '15 at 19:10
  • ...or if you do not check the host fingerprint in the first place, use something like `ssh -oUserKnownHostsFile=/dev/null -oStrictHostKeyChecking=no user@host` to bypass the fingerprint question and avoid checks against existing known_hosts. – Lekensteyn Jul 12 '15 at 11:18
  • @Sven the known_hosts file isn't part of the presentation per se, just that the software I'm demonstrating occasionally requires me to edit my known_hosts. The audience doesn't need to see this (so I'll use blind editing as several commenters here have suggested) but editing a fake known_hosts file simply wouldn't accomplish my goal. – Matt Korostoff Jul 12 '15 at 17:45

2 Answers

47

The known_hosts file contains the trusted public keys for hosts you connected to in the past. These public keys can be obtained simply by trying to connect to these hosts. Therefore it is no security risk per se.

But: It contains a history of hosts you connected to. The information may be used by a potential attacker to footprint organization infrastructure for example. Also it informs potential attackers that you probably have access to certain hosts and that stealing your laptop will give them access as well.

Edit: To avoid showing your known_hosts file I recommend you use the ssh-keygen utility. `ssh-keygen -R ssh1.example.org` for example removes the trusted keys for ssh1.example.org from your known_hosts.

Richard
  • ssh-keygen doesn't seem to work unless you know the port. For some purposes, that makes it difficult to use. – AdamC Aug 25 '22 at 21:40
17

There's nothing particularly dangerous about this. However, you may not wish to disclose this identifying information. Sometimes the existence of hosts reveals good lines of attack for those inclined. You can either make use of HashKnownHosts, or you can edit the file without looking at it.

Blind edit:
`sed -i 25d .ssh/known_hosts` will delete line 25 without putting any contents on screen.

HashKnownHosts
Indicates that ssh(1) should hash host names and addresses when they are added to ~/.ssh/known_hosts. These hashed names may be used normally by ssh(1) and sshd(8), but they do not reveal identifying information should the file's contents be disclosed. The default is “no”. Note that existing names and addresses in known hosts files will not be converted automatically, but may be manually hashed using ssh-keygen(1).

84104
  • Instead of manually calculating the line number and removing it with sed, you can also use `ssh-keygen -R example.com`. – Lekensteyn Jul 12 '15 at 11:20
  • You can also use `ssh-keygen -H -f ~/.ssh/known_hosts` to hash all the names/addresses in the file. – Barmar Jul 15 '15 at 14:01
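Both answers come down to two operations on the file: removing one host's entry without displaying the file (`ssh-keygen -R`, or the blind `sed`), and hashing the host names so the file discloses nothing if it is shown (`HashKnownHosts`, or `ssh-keygen -H` after the fact). The following is an added illustration, not code from either answerer or from OpenSSH: it re-implements the `|1|<salt>|<hmac>` hashed-name format that OpenSSH uses (20-byte random salt, HMAC-SHA1 of the host string keyed with that salt) in plain Python, over a constructed sample known_hosts text with placeholder keys, so you can see why a hashed file still matches on connect but reveals no host names to a viewer. The function names, the sample entries and the key strings are all assumptions made for the example; for a real file use `ssh-keygen -R` and `ssh-keygen -H`.

```python
import base64
import hashlib
import hmac
import os

# Constructed sample known_hosts content for the example; the key blobs are placeholders.
SAMPLE_KNOWN_HOSTS = """\
ssh1.example.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDERKEY1
[gw.example.org]:2222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDERKEY2
db.example.org,10.0.0.5 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAPLACEHOLDERKEY3
"""


def hash_hostname(hostname, salt=None):
    """Return the OpenSSH hashed form '|1|<salt>|<hmac>' for one host string.

    The host string is hashed exactly as written, so a non-default port keeps
    its '[host]:port' bracket form (hypothetical re-implementation, not OpenSSH code)."""
    if salt is None:
        salt = os.urandom(20)  # OpenSSH uses a fresh random salt per entry
    digest = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(digest).decode())


def hashed_matches(hashed, hostname):
    """Check whether a '|1|salt|hmac' field belongs to hostname (what ssh does on connect)."""
    if not hashed.startswith("|1|"):
        return False
    _, _, salt_b64, digest_b64 = hashed.split("|", 3)
    salt = base64.b64decode(salt_b64)
    expected = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return hmac.compare_digest(expected, base64.b64decode(digest_b64))


def names_match(names_field, hostname):
    """Match the first field of a known_hosts line, plain (comma-separated) or hashed."""
    if names_field.startswith("|1|"):
        return hashed_matches(names_field, hostname)
    return hostname in names_field.split(",")


def hash_known_hosts(text):
    """Counterpart of `ssh-keygen -H`: hash every plain name; a line listing several
    names becomes one hashed line per name, so nothing links the names together."""
    out = []
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) < 2 or line.startswith("#") or line.startswith("|1|"):
            out.append(line)
            continue
        for name in parts[0].split(","):
            out.append(hash_hostname(name) + " " + parts[1])
    return "\n".join(out) + "\n"


def remove_host(text, hostname):
    """Blind counterpart of `ssh-keygen -R hostname`: drop the lines for hostname
    (plain or hashed) and return (new_text, removed_count) without printing anything.
    For a non-default port pass the bracketed form, e.g. '[gw.example.org]:2222'."""
    kept, removed = [], 0
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2 and not line.startswith("#") and names_match(parts[0], hostname):
            removed += 1
            continue
        kept.append(line)
    return "\n".join(kept) + "\n", removed


def visible_hostnames(text):
    """What someone watching the projector would learn: the unhashed names in the file."""
    found = []
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) < 2 or line.startswith("#") or line.startswith("|1|"):
            continue
        found.extend(parts[0].split(","))
    return found


if __name__ == "__main__":
    # Only counts are printed, in the spirit of editing the file without showing it.
    _, n = remove_host(SAMPLE_KNOWN_HOSTS, "ssh1.example.org")
    print("entries removed for ssh1.example.org:", n)
    hashed = hash_known_hosts(SAMPLE_KNOWN_HOSTS)
    print("plain names left after hashing:", len(visible_hostnames(hashed)))
```

Note that hashing hides the names from a viewer of the file but not from someone who can guess them: anyone holding the file can test a candidate host name against each salted entry, which is exactly how `ssh` itself matches. That is why Richard's point still stands even with `HashKnownHosts`, and why removing entries you no longer need (`ssh-keygen -R`) is the stronger hygiene.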