I just noticed that Debian’s
ssh does the right thing and uses hashes rather than IP addresses in
~/.ssh/known_hosts. So, how do you keep the list of known hosts minimal if you can’t delete entries manually any longer?
ssh-keygen has two commandline options that help
% ssh-keygen -F <hostname> % ssh-keygen -R <hostname>
The first will list the entry for the host, the second will delete it (a backup of
known_hosts is made first).
I also noticed that ZSH’s command line completion doesn’t know about these options yet.