• caglararli@hotmail.com
  • 05386281520

Is it possible somebody could have edited my known_hosts file to connect to malicious servers?

Çağlar Arlı      -    29 Views

Is it possible somebody could have edited my known_hosts file to connect to malicious servers?

I noticed my known_hosts file has many (15) lines, and I'm not sure why. I didn't think I had connected to this many servers. (I think this is what the known_hosts file is for, based on my limited understanding of the answer to this post.) There are no hostnames associated with each line (no comments after).

Based on this post, I ran the command below, which says "Name or service not known" for all of them.

ssh-keyscan -t rsa,dsa -f known_hosts > ~/.ssh/known_hosts_revised

I also tried running this Perl script based on this answer and haven't got anything so far. (It's been running a while.)

I'm planning to clear the known_hosts file, but wondered if should expect potentially negative issues as a result. Should I spend the effort to fix my existing file? Am I imagining an issue in the first place?