HashKnownHosts provides an appearance of security but is actually
[easily crackable](https://github.com/chris408/known_hosts-hashcat) and
doesn't prevent leakage from other sources, such as the shell history or
SSH config. Most importantly, it makes properly maintaining the list
tedious and error-prone by making it hard to remove changed keys and
impossible to remove obsolete entries, therefore possibly weakening
security. Security should be enforced by password-protecting SSH keys
instead.
Encountered a few bugs/annoyances with vi mode. Seems not as polished
as the EMACS key bindings. Also annoying to use with others' shells not
configured to use vi mode, while the main benefit is still available
with ctrl-x ctrl-e
This prevents hardware attacks where a USB device disguises as a
keyboard and types malicious commands by locking the screen before
enabling any human interface device once connected.
