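What do the different parts of a “known_hosts” entry mean?

Below is a known_hosts entry. The part starting with ssh-rsa is the public key. What are the other parts (the characters before ssh-rsa)?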

|1|KnbIIJIPrL/1p7ofUV74sK+J/GC=|wrjOFnPgoF0afgH0PeRtRqSdgvc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/YMF+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==

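|1| is the HASH_MAGIC, which indicates that this is a hashed known_hosts entry.

The next two base64-encoded fields (separated by |) are the randomly generated salt and the SHA-1 hash of the host.

If you are using an older version of OpenSSH, or HashKnownHosts No is set in your /etc/ssh/ssh_config or ~/.ssh/config, these entries are not hashed and look more like this: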

 remotehostname,192.168.1.100 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdn...etc... 

From the sshd(8) manual page, section SSH_KNOWN_HOSTS FILE FORMAT:

  Each line in these files contains the following fields: markers (optional), hostnames, bits, exponent, modulus, comment. The fields are separated by spaces. 

  Alternately, hostnames may be stored in a hashed form which hides host names and addresses should the file's contents be disclosed. Hashed hostnames start with a '|' character. Only one hashed hostname may appear on a single line and none of the above negation or wildcard operators may be applied.
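
The `|1|salt|hash` layout described above can be checked against a candidate hostname, since OpenSSH computes the hash field as HMAC-SHA1 over the hostname with the decoded salt as the key. The following is an added example, not code from the original answers or from OpenSSH; the function names, the 20-byte sample salt and the placeholder key text are constructed, and it assumes the key-type/base64-key line layout of the entries shown in the question.

```python
import base64
import hashlib
import hmac

HASH_MAGIC = "|1|"

def hash_host(hostname, salt):
    """Build a hashed hostnames field: |1|b64(salt)|b64(HMAC-SHA1(key=salt, msg=hostname))."""
    digest = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return HASH_MAGIC + base64.b64encode(salt).decode() + "|" + base64.b64encode(digest).decode()

def parse_line(line):
    """Split one known_hosts line into marker, hostnames field, key type, key and comment."""
    fields = line.split()
    if not fields or fields[0].startswith("#"):
        return None  # blank line or comment
    marker = fields.pop(0) if fields[0].startswith("@") else None
    if len(fields) < 3:
        raise ValueError("expected hostnames, key type and key")
    return {"marker": marker, "hosts": fields[0], "keytype": fields[1],
            "key": fields[2], "comment": " ".join(fields[3:])}

def host_matches(hosts_field, candidate):
    """True if candidate is named by a hashed or a plain hostnames field."""
    if hosts_field.startswith(HASH_MAGIC):
        try:
            salt_b64, hash_b64 = hosts_field[len(HASH_MAGIC):].split("|")
            salt = base64.b64decode(salt_b64)
            stored = base64.b64decode(hash_b64)
        except ValueError:
            return False  # malformed hashed field
        expected = hmac.new(salt, candidate.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(stored, expected)
    # Plain form: comma-separated names; wildcards and negation are not handled here.
    return candidate in hosts_field.split(",")

# Constructed sample lines; the key text is a placeholder, not a real key.
SALT = bytes(range(20))  # constructed salt; OpenSSH generates it randomly
SAMPLE_HASHED = hash_host("remotehostname", SALT) + " ssh-rsa AAAAB3NzaC1yc2E_PLACEHOLDER"
SAMPLE_PLAIN = "remotehostname,192.168.1.100 ssh-rsa AAAAB3NzaC1yc2E_PLACEHOLDER"

if __name__ == "__main__":
    for line in (SAMPLE_HASHED, SAMPLE_PLAIN):
        entry = parse_line(line)
        print(entry["hosts"], host_matches(entry["hosts"], "remotehostname"))
```

Against a real file, `ssh-keygen -F hostname` performs the same lookup, including for hashed entries.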