如果我运行git clone [email protected]:some-org/some-repo.git,我会收到以下提示:
The authenticity of host 'github.com (192.30.253.113)' can't be established.
RSA key fingerprint is SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8.
显然,我根据https://help.github.com/articles/github-s-ssh-key-fingerprints/的列表验证指纹,然后回复yes:
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'github.com,192.30.253.113' (RSA) to the list of known hosts.
...etc.
这导致两个条目被添加到我的~/.ssh/known_hosts文件中,两者都具有相同的密钥,都经过哈希处理。
如果我用 确认密钥ssh-keyscan github.com,则密钥匹配。
但是为什么我有两个条目known_hosts,而不是一个?
通常,该
known_hosts文件的每一行都包含一个主机名/IP 地址列表。但是,当主机名被散列(为了简化匹配?)时,这不会使用,如手册页中所述sshd:所以回答你的问题,
其中一个是
github.com,另一个192.30.253.113与您在提示中确认的完全一样如果您关闭已知主机散列(没有充分的理由这样做),您将只得到一行,例如我的:
github.com,192.30.252.128 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==