What is the known_hosts File for SSH in Linux?

In Linux, the “known_hosts” file stores all public keys of remote servers that are connected through SSH. These keys authenticate the servers’ identity when connecting to the client system. The “known_hosts” file is located in the client machine, ensuring a secure connection between remote systems.

This guide will offer the purpose of the “known_hosts” file and how to access it in Linux. The content of this tutorial is as follows:

Let’s start with the basics of the “known_hosts” file.

What is the “known_hosts” File?

The “known_host” file stores the public keys in an encrypted format that is automatically updated during a new connection to the server. These keys help access the remote server. Let’s look at some pros of this file which signifies its importance:

Pros of known_hosts File

The pros of know_host file are provided in the enlisted form:

  • Automatically store the public key of an unknown host.
  • Easy to Access
  • Helpful to Avoid the “Man in Middle Attack”.
  • Reduce the managing efforts of system administrators.
  • Keys are stored in the hash format.

Now, we will elaborate on the access of the “known_hosts” file and perform various operations such as adding, removing keys, or getting details of the remote system.

How to Access the “known_hosts” File?

To know the information of the host’s keys stored in the “known_hosts” file, access it through the nano editor with the “sudo” privilege:

$ sudo nano ~/.ssh/known_hosts

The output displays the several host keys in the “known_hosts” file. Additionally, users can manually copy the encrypted key.

How to Add a key to the “known_hosts” File?

To generate the public/private key pair, the “ssh-keygen” utility requires the “t” option for the type of encryption scheme “rsa”:

$ ssh-keygen -t rsa

The output returns that the public key has been successfully generated.

How to Remove a Key From the “known_hosts” File?

To remove the stored key in the “known_hosts” file, the “-R” option is utilized by specifying the IP address of the remote server. To do so, the below script will remove the key and update the “known_hosts” file:

$ ssh-keygen -R

The output shows that the “known_hosts” file has been successfully updated.

How to Get Remote System Details From the known_hosts File?

To get details about a remote system from the known_hosts file, you can use the ssh-keygen command with the -F option and specify the remote system’s hostname:

$ ssh-keygen -F ubuntu

This will display the public key for the specified host, as well as any other information that is stored in the known_hosts file for that host.

Note: The known_hosts file only stores information about systems you have previously connected to using ssh. If you have not connected to a particular system before, its information will not be stored in the known_hosts file.

That is all from the “known_hosts” file.


In Linux, the “known_hosts” file contains the host keys of remote servers. Each key is associated with the server address that is used for authentication. Additionally, users can access or modify the “known_hosts” file via the nano editor. This guide has explained the purpose, pros, and accessibility of “known_hosts” files in Linux.