Sech

Reputation: 167

Mac, known_hosts location not default?

I developed software in Java for some customers, and my software needs to access the known_hosts file since it's using JSch commands. I tested it on my computer running Linux and on several Mac machines and it works fine. But I have an issue with one customer:

My software can't access the known_hosts file. I know that its default location (and mostly always) is: /Users/username/.ssh/known_hosts

BUT

when I asked him to type in the terminal nano /users/username/.ssh/known_hosts it created a new file instead of opening one. So my question is:

Is it possible for the known_hosts file to be somewhere else? If so, how do you find its location?

NB: I have no remote access to the Mac (like with TeamViewer or things like that) since it is not connected to the internet.

Upvotes: 2

Views: 17586

Answers (2)

ghoti

Reputation: 46876

Since the default location may be overridden for a particular host through entries in ~/.ssh/config, you need to determine the file for a particular target.

macOS uses a recent enough version of OpenSSH that you should be able to use the -G option to determine configuration for a particular connection:

$ ssh -G somehost | grep knownhostsfile
globalknownhostsfile /etc/ssh/ssh_known_hosts /etc/ssh/ssh_known_hosts2
userknownhostsfile ~/.ssh/known_hosts ~/.ssh/known_hosts2

Rather than editing a file with nano or any other text editor, the correct way to create a known_hosts file would be to make a successful connection using SSH, and answer the SSH client's challenge about correctness of the host key.

If you want to impress your client with your sensitivity to security requirements he may not even know he has, then rather than asking him to type a pathname, send him an ssh command line along with the intended key for him to verify, so that he can confidently say "Yes, this is the right host." Let SSH do its job.

Upvotes: 5
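
An added example, not part of the answer above: a small POSIX shell helper that takes `ssh -G` output, expands the `~/` entries and reports which of the configured known_hosts files actually exist. The function names and the sample variable are hypothetical, and the sample output is constructed from the lines quoted in the answer.

```shell
#!/bin/sh
# Added example (not from the answer): resolve and check known_hosts paths.

# Constructed sample of `ssh -G somehost` output, based on the lines quoted above.
SAMPLE_SSH_G='hostname somehost
globalknownhostsfile /etc/ssh/ssh_known_hosts /etc/ssh/ssh_known_hosts2
userknownhostsfile ~/.ssh/known_hosts ~/.ssh/known_hosts2'

# known_hosts_paths HOME_DIR
# Reads `ssh -G` output on stdin and prints one known_hosts path per line,
# expanding a leading "~/" to HOME_DIR. Runs in a subshell with globbing off.
# Assumption: paths contain no whitespace.
known_hosts_paths() (
    set -f
    home_dir=$1
    while read -r key rest; do
        case $key in
            userknownhostsfile|globalknownhostsfile)
                for p in $rest; do
                    case $p in
                        "~/"*) printf '%s\n' "$home_dir/${p#??}" ;;
                        *)     printf '%s\n' "$p" ;;
                    esac
                done ;;
        esac
    done
)

# report_known_hosts HOME_DIR
# Same input; prints "present <path>" or "missing <path>" for each candidate.
report_known_hosts() {
    known_hosts_paths "$1" | while IFS= read -r path; do
        if [ -f "$path" ]; then
            printf 'present %s\n' "$path"
        else
            printf 'missing %s\n' "$path"
        fi
    done
}

# On the machine in question: ssh -G somehost | report_known_hosts "$HOME"
```

A "missing" line for a user file only means no host key has been accepted into it yet; the path is still the one the client will read and write.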

K. Biermann

Reputation: 1318

This is the default location – the file may simply not exist yet because it was never used (macOS does this quite often; /etc/fstab is another example).

But if you create this file and add any hosts to it (and set the correct permissions; 0700 on ~/.ssh and 0600 on ~/.ssh/known_hosts) they will be recognised.

Upvotes: 1
