Cleaning up in ~/.ssh/known_hosts

I just noticed that Debian’s ssh does the right thing and uses hashes rather than IP addresses in ~/.ssh/known_hosts. So, how do you keep the list of known hosts minimal if you can’t delete entries manually any longer? ssh-keygen has two commandline options that help

% ssh-keygen -F <hostname>
% ssh-keygen -R <hostname>

The first will list the entry for the host, the second will delete it (a backup of known_hosts is made first).

I also noticed that ZSH’s command line completion doesn’t know about these options yet.

Leave a comment