/.ssh/known_hosts ownership

NoOp glgxg at sbcglobal.net
Thu May 22 17:08:58 UTC 2008

On 05/21/2008 10:03 PM, Smoot Carl-Mitchell wrote:
> On Wed, 2008-05-21 at 19:49 -0700, NoOp wrote:

>> My question: is resetting /.ssh/known_hosts to user vs root a security
>> issue?
> No it is not.  It should be owned by your user id.  known_hosts stores
> the host keys collected from remote servers.  If the remote key changed,
> it may mean the remote server has been compromised or a person in the
> middle attack is underway. In most cases the host key has changed
> because it has been regenerated on the remote system.  For the truly
> paranoid it is a useful check.  Some admins require the know_host key to
> match before allowing an SSH connection.  This is handled by the
> StrictHostKeyChecking keyword. When set to "yes", it requires you to add
> remote host keys manually.

Thanks. I appreciate the confirmation & added info.

More information about the ubuntu-users mailing list