Danger in not maintaining known_hosts file?

ssh security hosts

Solution 1:

Is there were any risks in keeping hosts addresses or if it doesn't make any difference?

Yes, it is. This file creates your database of trusted host keys. If you do not maintain it in any way, there might be a lot of them that are expired or possibly leaked from the original host. In that case, you are exposing yourself to MitM attack, where potential attacker can spoof your DNS, redirect your SSH connection to his server (presenting previously valid host keys) and ask you for your password.

This is a big disadvantage of not using any public key infrastructure (PKI) with central certificate authority, which would take care of the expired certificates by distributing certificate revocation lists (CRL) to all its users.

Related

Getting Yosemite instead of El Capitan
Python path added to $PATH -- cannot find origin
Cannot connect to software update server
Why are my Photos library database/metadata files being modified even when I'm not using the Photos app?
How can I combine USB-C peripherals into a single cord?
Via ssh: Open remote pdf without saving locally
Is it safe to eject a hard drive during encryption?
How to 'unregister' a file type / MIME with launch services
MacBook Charging Wattage
tmux jump words as with zsh
Change the location of Chrome notifications?
Safari only wants to connect to localhost via HTTPS