Is there a way to generate or reinstall some package to get the contents of the `~/.ssh/known_hosts` file?
-
That file is not a matter of "packages". It contains the public keys of the ssh servers that you have logged in to. If you have another ssh client installed on another machine that accessed the same servers, you may copy it. How many entries did that file have in it? – sebelk Mar 07 '17 at 19:14
-
I removed the one I had and now it has only 2 entries. – shirish Mar 07 '17 at 19:14
-
But how many lines did this file have? – sebelk Mar 07 '17 at 19:19
-
2 lines only, it's a newly generated file `[$] ll -h known_hosts [0:58:49] -rw-r--r-- 1 shirish shirish 284 2017-03-07 23:41 known_hosts` – shirish Mar 07 '17 at 19:20
-
Are you using `known_hosts` to prevent connecting to a malicious domain? – GAD3R Mar 07 '17 at 21:38
-
The idea was to know whether a malicious domain was there. But *seems* all is ok, I have yet to fully understand all the different cogs in the wheel. – shirish Mar 07 '17 at 23:30
2 Answers
Whenever you connect to an unknown host, ssh will prompt you

```
The authenticity of host '...' can't be established.
RSA key fingerprint is ...
Are you sure you want to continue connecting (yes/no)?
```

and add a new entry to the known_hosts file.

So to regenerate the file, connect to your usual hosts and optionally check the fingerprint if you suspect a MITM.
-
It's usually easiest to just login and let `ssh` update `known_hosts`, but if for some reason you want to add the key(s) for some host(s) _without_ logging-in, use `ssh-keyscan` (see its man page). EDIT: as covered in another but unlinked Q by same OP http://unix.stackexchange.com/questions/349818/how-to-get-rsa-fingerprint-of-a-remote-site-in-debian – dave_thompson_085 Mar 07 '17 at 21:44
You can copy the hosts from someonewhocares.org/hosts to your /etc/hosts file, this file is updated periodically (Last updated: Tue, 07 Mar 2017 at 07:19:43 GMT)

> Use this file to prevent your computer from connecting to selected internet hosts. This is an easy and effective way to protect you from many types of spyware, reduces bandwidth use, blocks certain pop-up traps, prevents user tracking by way of "web bugs" embedded in spam, provides partial protection to IE from certain web-based exploits and blocks most advertising you would otherwise be subjected to on the internet.

You can add a new entry to your known_hosts:

```
ssh host.example.org -o "VerifyHostKeyDNS=yes"
```

You can verify the fingerprint:

```
ssh-keyscan host.example.org | ssh-keygen -lf -
```
-
If you just want to add a known hosts entry for a host, `ssh host.example.org -o "StrictHostKeyChecking=no" true`, so it returns straight away. That might be useful within a `for` loop, for example, to re-create lots of known-hosts entries (providing you're willing to accept the risk of spoofing whilst you're re-creating it). It's still going to be faster and more efficient to use `ssh-keyscan` instead, though. – Toby Speight Mar 08 '17 at 13:24
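
The fingerprint check that the answers and comments above describe with `ssh-keyscan` and `ssh-keygen -lf -`, as an added example that is not part of the original posts: it computes the SHA256 fingerprint of each scanned key and keeps only the lines that match a fingerprint obtained out of band. The function names, the `TRUSTED` mapping and the sample keys are assumptions constructed for illustration; they are not real host keys.

```python
import base64
import hashlib
import struct

def sha256_fingerprint(key_b64: str) -> str:
    """Fingerprint as `ssh-keygen -lf` prints it: SHA256:<unpadded base64>."""
    blob = base64.b64decode(key_b64, validate=True)
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def vet_keyscan(scan_output: str, trusted: dict) -> tuple:
    """Split `host keytype base64key` lines into (accepted, rejected).

    trusted maps (host, keytype) -> fingerprint obtained out of band.
    """
    accepted, rejected = [], []
    for line in scan_output.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):  # skip blank and comment lines
            continue
        parts = line.split()
        if len(parts) < 3:
            rejected.append(line)
            continue
        host, keytype, key_b64 = parts[:3]
        try:
            blob = base64.b64decode(key_b64, validate=True)
            # The key blob begins with a length-prefixed copy of the key type.
            (n,) = struct.unpack(">I", blob[:4])
            ok = blob[4:4 + n].decode() == keytype
        except (ValueError, struct.error):
            ok = False
        if ok and trusted.get((host, keytype)) == sha256_fingerprint(key_b64):
            accepted.append(line)  # safe to append to known_hosts
        else:
            rejected.append(line)  # unknown host, malformed, or mismatched key
    return accepted, rejected

def _constructed_ed25519(raw: bytes) -> str:
    """Build a well-formed ssh-ed25519 blob from 32 constructed bytes."""
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", len(raw)) + raw
    return base64.b64encode(blob).decode()

# Constructed sample data (not real host keys).
GOOD = _constructed_ed25519(bytes(range(32)))
SPOOFED = _constructed_ed25519(bytes(range(1, 33)))
TRUSTED = {("host.example.org", "ssh-ed25519"): sha256_fingerprint(GOOD)}
SCAN = (f"# host.example.org:22 SSH-2.0-Example\n"
        f"host.example.org ssh-ed25519 {GOOD}\n"
        f"host.example.org ssh-ed25519 {SPOOFED}\n")
```

Only the lines returned in `accepted` would be appended to `known_hosts`; anything in `rejected` needs a manual look before it is trusted.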