[Martijn van Oosterhout]
> To be honest, I think it would be far more useful to timestamp each
> entry so you can simply expire old ones.

Last access time, it'd have to be, not create time.  Meaning, every
time ssh runs, it rewrites .ssh_known_hosts (and not just appends to
it).  Which implies locking, possibly over NFS, which is particularly
enjoyable.

Well, if the timestamp representation is fixed-length I suppose you
don't really have to lock the file....

Attachment: signature.asc
Description: Digital signature

Reply via email to