{"componentChunkName":"component---src-templates-manual-template-tsx","path":"/manuals/client-user/61/serverauth-pk-knownhosts.html","webpackCompilationHash":"d1750f6cc413894a8b5c","result":{"data":{"promoBlocks":{"edges":[{"node":{"contentful_id":"47glnSpWzXeFylv2vfQEF8","internal":{"type":"ContentfulPromotionBlock"},"title":{"internal":{"type":"ContentfulHeading"},"contentful_id":"7KIOfSfgwJnCXuvRN6CfrP","textContent":"Standing privileges are a risk with PAM","color":"black","size":"medium"},"subTitle":null,"content":{"nodeType":"document","internal":{"content":"{\"nodeType\":\"document\",\"data\":{},\"content\":[{\"nodeType\":\"paragraph\",\"content\":[{\"nodeType\":\"text\",\"value\":\"Start your journey towards a just-in-time (JIT) model with zero standing privileges (ZSP). Read 'Remove Standing Privileges Through a Just-In-Time PAM Approach' by Gartner , courtesy of SSH.COM.\\n \\n\",\"marks\":[],\"data\":{}}],\"data\":{}}]}"}},"callToAction":{"internal":{"type":"ContentfulButton"},"contentful_id":"19EUesynV2Z7HHcuJk0BAS","content":"Download Gartner research","internalLink":null,"externalLink":"https://info.ssh.com/gartner_research_privileged_access_management","assetLink":null,"anchor":null},"picture":{"internal":{"type":"ContentfulAsset"},"contentful_id":"2ClylmBswcfDx4XdO7NTmL","title":"ICON Gartner ZSP","description":"","file":{"url":"//images.ctfassets.net/0lvk5dbamxpi/2ClylmBswcfDx4XdO7NTmL/78e899153ed66aec3b03b9a2cacd112d/ICON_Gartner_ZSP_ICON_Gartner.png","contentType":"image/png"},"fluid":{"aspectRatio":1,"src":"//images.ctfassets.net/0lvk5dbamxpi/2ClylmBswcfDx4XdO7NTmL/78e899153ed66aec3b03b9a2cacd112d/ICON_Gartner_ZSP_ICON_Gartner.png?w=3000&q=50","srcSet":"//images.ctfassets.net/0lvk5dbamxpi/2ClylmBswcfDx4XdO7NTmL/78e899153ed66aec3b03b9a2cacd112d/ICON_Gartner_ZSP_ICON_Gartner.png?w=750&h=750&q=50 750w,\n//images.ctfassets.net/0lvk5dbamxpi/2ClylmBswcfDx4XdO7NTmL/78e899153ed66aec3b03b9a2cacd112d/ICON_Gartner_ZSP_ICON_Gartner.png?w=1500&h=1500&q=50 1500w,\n//images.ctfassets.net/0lvk5dbamxpi/2ClylmBswcfDx4XdO7NTmL/78e899153ed66aec3b03b9a2cacd112d/ICON_Gartner_ZSP_ICON_Gartner.png?w=1601&h=1601&q=50 1601w","sizes":"(max-width: 3000px) 100vw, 3000px"},"fixed":{"width":3000,"height":3000,"src":"//images.ctfassets.net/0lvk5dbamxpi/2ClylmBswcfDx4XdO7NTmL/78e899153ed66aec3b03b9a2cacd112d/ICON_Gartner_ZSP_ICON_Gartner.png?w=3000&q=50","srcSet":""}},"centered":true,"indentMainContent":null,"transparentBackground":null,"imageScale":70,"imagePadding":null,"name":"WIKI migration side promo block2","product":null,"funnel":null,"topic":null,"keywords":null,"type":null,"priority":null,"globalOverride":null}},{"node":{"contentful_id":"6dfNaA1UlY4bADKQk6awhs","internal":{"type":"ContentfulPromotionBlock"},"title":{"internal":{"type":"ContentfulHeading"},"contentful_id":"49Tb2wSR21P5C2cpcgMZ3","textContent":"Get Multi-cloud PAM software - for free!","color":"black","size":"medium"},"subTitle":null,"content":{"nodeType":"document","internal":{"content":"{\"data\":{},\"content\":[{\"data\":{},\"content\":[{\"data\":{},\"marks\":[],\"value\":\"PrivX® Free replaces your in-house jump hosts and combines your AWS, GCP and Azure access into one multi-cloud solution.\\n \\n\",\"nodeType\":\"text\"}],\"nodeType\":\"paragraph\"}],\"nodeType\":\"document\"}"}},"callToAction":{"internal":{"type":"ContentfulButton"},"contentful_id":"1dmQ13jyyZ46ID07eVNVFb","content":"PrivX Free","internalLink":null,"externalLink":"https://info.ssh.com/privx-free-access-management-software","assetLink":null,"anchor":null},"picture":{"internal":{"type":"ContentfulAsset"},"contentful_id":"4UUYdjING8micwZQur5o6d","title":"ICON computer (search)","description":"","file":{"url":"//images.ctfassets.net/0lvk5dbamxpi/4UUYdjING8micwZQur5o6d/1b378a0f4646075c7a4788f1afffbabe/ICON_computer__search_.svg","contentType":"image/svg+xml"},"fluid":{"aspectRatio":null,"src":null,"srcSet":null,"sizes":null},"fixed":{"width":null,"height":null,"src":null,"srcSet":null}},"centered":true,"indentMainContent":null,"transparentBackground":null,"imageScale":70,"imagePadding":null,"name":"WIKI migration side promo block1","product":null,"funnel":null,"topic":null,"keywords":null,"type":null,"priority":null,"globalOverride":null}}]}},"pageContext":{"isCreatedByStatefulCreatePages":false,"body":"<div bgcolor=\"white\" text=\"black\" link=\"#0000FF\" vlink=\"#840084\" alink=\"#0000FF\"><table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"header\"><tbody><tr bgColor=\"#006a6e\" valign=\"top\"><td colspan=\"2\" width=\"324\"><a href=\"http://www.ssh.com/\"><img src=\"images/header_logo.gif\" alt=\"SSH Tectia\" width=\"324\" height=\"44\" border=\"0\"></a></td><td width=\"100%\"><img src=\"images/1x1.gif\" width=\"10\" height=\"1\" alt=\"\" border=\"0\"></td></tr><tr valign=\"top\"><td width=\"178\"><img src=\"images/navi1_left.gif\" alt=\"\" width=\"178\" height=\"26\" border=\"0\"></td><td width=\"146\" bgcolor=\"#1a797d\" background=\"images/navi1_bg.gif\"></td><td bgcolor=\"#1a797d\" background=\"images/navi1_bg.gif\"></td></tr><tr><td colspan=\"3\"><img src=\"images/1x1.gif\" width=\"10\" height=\"20\" alt=\"\" border=\"0\"></td></tr></tbody></table><div class=\"navheader\"><table width=\"100%\" summary=\"Navigation header\"><tr><td width=\"40%\" align=\"left\"></td><th width=\"20%\" align=\"center\"></th><td width=\"40%\" align=\"right\"><a accesskey=\"h\" href=\"index.html\"><img src=\"images/home.gif\" alt=\"Home\"></a><a href=\"ix01.html\"><img src=\"images/index.gif\"></a> <a accesskey=\"p\" href=\"serverauth-pk-keyinfo.html\"><img src=\"images/prev.gif\" alt=\"Prev\"></a> <a accesskey=\"u\" href=\"serverauth-pk.html\"><img src=\"images/up.gif\" alt=\"Up\"></a> <a accesskey=\"n\" href=\"serverauth-cert.html\"><img src=\"images/next.gif\" alt=\"Next\"></a>  </td></tr></table></div><div class=\"sect2\" lang=\"en\"><div class=\"titlepage\"><div><div><h3 class=\"title\"><a name=\"serverauth-pk-knownhosts\"></a>Using the OpenSSH <code class=\"code\">known_hosts</code> File</h3></div></div></div><a class=\"indexterm\" name=\"id2597926\"></a><p>SSH Tectia Client supports also the OpenSSH-style known_hosts file that \ncontains the public key data of known server hosts, and reads the file by \ndefault from the default location, from the user-specific file \n<code class=\"filename\">$HOME/.ssh/known_hosts</code> or from the system-wide \nfile <code class=\"filename\">/etc/ssh/ssh_known_hosts</code>. Both hashed and \nplain-format host keys are supported.</p><p>In case you wish to define other files to be used for the known host keys, \nyou can specify the files in the Connection Broker configuration file \n<code class=\"filename\">ssh-broker-config.xml</code> by using the \n<code class=\"option\">known-hosts</code> element. Several file locations can be defined \nto be checked for known host keys, and the Connection Broker will read them in the \norder they are defined in the <code class=\"filename\">ssh-broker-config.xml</code> \nfile. Since the configuration file settings will override the default \nbehaviour, you need to define also the default locations of the OpenSSH-style \nknown_hosts file, in case you want them all to be read. For example:</p><pre class=\"programlisting\">&lt;general&gt;\n  ...\n  &lt;known-hosts path=\"/home/username/.ssh/known_hosts\" /&gt;\n  &lt;known-hosts path=\"/etc/ssh/ssh_known_hosts\" /&gt;\n  &lt;known-hosts path=\"/home/.ssh2/hostkeys\" /&gt;\n  &lt;known-hosts path=\"/u/username/.ssh2/hostkeys\" /&gt;\n&lt;/general&gt;\n</pre><p>You can disable OpenSSH known_hosts file handling by defining an \nempty setting: <code class=\"code\">known-hosts path=\"\"</code>. After this, only the \nSSH Tectia-related hostkey directories will be used. </p><p>The OpenSSH known_hosts file is never automatically updated by \nSSH Tectia Client. New host keys are always stored in the SSH Tectia \n<code class=\"code\">$HOME/.ssh2/hostkeys</code> directory or in the directory configured \nas the last one in <code class=\"filename\">ssh-broker-config.xml</code>. See <a href=\"ssh-broker-config.html#element-known-hosts\"><span><strong class=\"command\">known-hosts</strong></span></a> for details.</p></div><div class=\"navfooter\"><table width=\"100%\" summary=\"Navigation footer\"><hr><tr><td width=\"40%\" align=\"left\"></td><th width=\"20%\" align=\"center\"></th><td width=\"40%\" align=\"right\"><a accesskey=\"h\" href=\"index.html\"><img src=\"images/home.gif\" alt=\"Home\"></a><a href=\"ix01.html\"><img src=\"images/index.gif\"></a> <a accesskey=\"p\" href=\"serverauth-pk-keyinfo.html\"><img src=\"images/prev.gif\" alt=\"Prev\"></a> <a accesskey=\"u\" href=\"serverauth-pk.html\"><img src=\"images/up.gif\" alt=\"Up\"></a> <a accesskey=\"n\" href=\"serverauth-cert.html\"><img src=\"images/next.gif\" alt=\"Next\"></a>  </td></tr></table></div><div class=\"copyrightfooter\" align=\"center\"><p class=\"footer\">\n  Copyright <img src=\"images/copyright.gif\"> 2010 SSH Communications Security Corp.<br>\n  This software is protected by international copyright laws. All rights reserved.<br><a href=\"http://www.ssh.com/company/contact/\">Contact Information</a></p></div></div>","head":"<head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"><title>Using the OpenSSH known_hosts File</title><link rel=\"stylesheet\" href=\"sshx.css\" type=\"text/css\"><meta name=\"generator\" content=\"DocBook XSL Stylesheets V1.68.0\"><link rel=\"start\" href=\"index.html\" title=\" SSH Tectia® Client 6.1\"><link rel=\"up\" href=\"serverauth-pk.html\" title=\"Server Authentication with Public Keys\"><link rel=\"prev\" href=\"serverauth-pk-keyinfo.html\" title=\"Resolving Hashed Host Keys\"><link rel=\"next\" href=\"serverauth-cert.html\" title=\"Server Authentication with Certificates\"></head>","url":"/manuals/client-user/61/serverauth-pk-knownhosts.html"}}}