Choose from the two sets of instructions below depending on whether you would like the option to submit data to our anonymized research study, the goal of which is to measure the potential dangers of leaving the host names and addresses in your known_hosts
files unencrypted. We ask you to consider this now as once you've converted your known_hosts
addresses to hashed host format it will no longer be possible to collect this data. Data will not be submitted to our servers without your additional consent during the collection process.
Alternatively, you can download the above files via command line if you have wget
:
wget ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.9p1.tar.gz wget http://nms.lcs.mit.edu/projects/ssh/openssh-3.9p1-hashed-hosts-COLLECT-20050314.patch.gz
tar zxf openssh-3.9p1.tar.gz gunzip openssh-3.9p1-hashed-hosts-COLLECT-20050314.patch.gz patch -p0 < openssh-3.9p1-hashed-hosts-COLLECT-20050314.patch cd openssh-3.9p1 ./configure --prefix=/usr make
make install
known_hosts
files to the hashed hosts format.convert_known_hosts.pl
script will attempt to locate each user's known_hosts
file and convert it to hashed hosts format. In order to do this correctly, the script must be run as root. Backup copies of the original files will be encrypted and placed in the same directory as the originals. You will want to use a pass phrase that is not used elsewhere on your system. Before running convert_known_hosts.pl
, you must run the script build-CR.sh
in order to build (in place) the Crypt::Rijndael
and Digest::SHA1
perl modules if they are not already available on your system. If you need to access the backup files, or if you have any problems running the script, look at the README file and the script's -h (help) option for more information.
sh build-CR.sh perl convert_known_hosts.pl
Alternatively, you can download the above files via command line if you have wget
:
wget ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.9p1.tar.gz wget http://nms.lcs.mit.edu/projects/ssh/openssh-3.9p1-hashed-hosts-NOCOLLECT-20050214.patch.gz
tar zxf openssh-3.9p1.tar.gz gunzip openssh-3.9p1-hashed-hosts-NOCOLLECT-20050214.patch.gz patch -p0 < openssh-3.9p1-hashed-hosts-NOCOLLECT-20050214.patch cd openssh-3.9p1 ./configure --prefix=/usr make
make install
known_hosts
files to the hashed hosts format.convert_known_hosts.pl
script will attempt to locate each user's known_hosts
file and convert it to hashed hosts format. In order to do this correctly, the script must be run as root. Backup copies of the original files will be encrypted and placed in the same directory as the originals. You will want to use a pass phrase that is not used elsewhere on your system. If you need to access the backup files, or if you have any problems running the script, look at the README file and the script's -h (help) option for more information.
perl convert_known_hosts.pl
NMS Home Projects People Papers Software
CSAIL | E E C S | M I T |
M. I. T. Computer Science and Artificial Intelligence Laboratory · 32 Vassar Street · Cambridge, MA 02139 · USA