DuckDuckWhale
1eedf4a4f1
HashKnownHosts provides an appearance of security but is actually [easily crackable](https://github.com/chris408/known_hosts-hashcat) and doesn't prevent leakage from other sources, such as the shell history or SSH config. Most importantly, it makes properly maintaining the list tedious and error-prone by making it hard to remove changed keys and impossible to remove obsolete entries, therefore possibly weakening security. Security should be enforced by password-protecting SSH keys instead.
5 lines
68 B
Plaintext
5 lines
68 B
Plaintext
Host *
|
|
ForwardX11Trusted no
|
|
HashKnownHosts no
|
|
IdentitiesOnly yes
|