Is there a security risk to disclosing your SSH known_hosts file?

ssh known-hosts ssh-keys

I'm speaking at a conference next week about some software tools I've created. My laptop will be shown on a projector screen during this presentation. The presentation will be videotaped and posted on youtube. If, for some reason, I have occasion to open and edit my ~/.ssh/known_hosts file during this presentation, should I disconnect the projector while doing so? Is there any security risk to disclosing my known_hosts file?


Solution 1:

The known_hosts file contains the trusted public keys for hosts you connected to in the past. These public keys can be obtained simply by trying to connect to these hosts. Therefore it is no security risk per se.

But: It contains a history of hosts you connected to. The information may be used by a potential attacker to footprint organization infrastructure for example. Also it informs potential attackers that you probably have access to certain hosts and that stealing your laptop will give them access as well.

Edit: To avoid showing your known_hosts file i recommend you use the ssh-keygen utility. ssh-keygen -R ssh1.example.org for example removes the trusted keys for ssh1.example.org from your known_hosts.

Solution 2:

There's nothing particularly dangerous about this. However, you may not wish to disclose this identifying information. Sometimes the existence of hosts is reveals good lines of attack for those inclined. You can either make use of HashKnownHosts, or you can edit the file without looking at it.

Blind edit:
sed -i 25d .ssh/known_hosts will delete line 25 without putting any contents on screen.

HashKnownHosts
Indicates that ssh(1) should hash host names and addresses when they are added to ~/.ssh/known_hosts. These hashed names may be used normally by ssh(1) and sshd(8), but they do not reveal identifying information should the file's contents be disclosed. The default is “no”. Note that existing names and addresses in known hosts files will not be converted automatically, but may be manually hashed using ssh-keygen(1).

Related

Where does Amazon publish the range of IP addresses used for EC2 instances by region?
How to enable TLS 1.1, 1.2 in IIS 7.5
How to fix corrupted opencl.dll in Windows 10, if SFC and DISM are failing?
Is bit rot on hard drives a real problem? What can be done about it?
Using sed to remove both an opening and closing square bracket around a string
500 error on fresh install of IIS and PHP
Moving servers and IPs will change. Do SSL certificates need to be re-issued and installed?
How to find time server in a domain?
Delete Files Older than (x) Days?
yum equivalent to apt-get upgrade vs apt-get dist-upgrade?
Are self-signed SSL certificates secure?
Is it possible to list the files that are cached?