< Notes...

This section from the NetBSD man page for the sleep command cannot be funnier, yet completely valid. I mean, quite useful if you have the time, right?

BUGS

     This sleep command cannot handle requests for durations much longer than
     about 250 billion years.  Any such attempt will result in an error, and
     immediate termination.  It is suggested that when there is a need for
     sleeps exceeding this period, the sleep command be executed in a loop,
     with each individual sleep invocation limited to 200 billion years
     approximately.

Hashing known_hosts is a good idea, as it reduces the amount of information an attacker will collect, if/when (ha!) your machine gets compromised. Usually, a line on the known_hosts file looks like this:

less ~/.ssh/known_hosts
...
tilde.team ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID1zw6+VOW8L4Rr3swbUVju3GGcknaV/fyhSJwH7NLfu
...

After running ssh-keygen -H it will look like this:

less ~/.ssh/known_hosts
...
|1|c6NiIH06AidrkPUman0oPEx6+6Y=|rPhYjXlkLgYaNR8jwaNMy7mur4I= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJsJP1XDyRhEPdtgBeXYm2hf4GKG9aLlqA1+ZPgBadbl
...

That’s it! Oh, and don’t forget to add to your ~/.ssh/config the following, so that future entries are hashed as well:

Host *
	HashKnownHosts yes

grep -i passwd *.log | awk {'print $7'}
...
/etc/passwd
/..%5c..%5c..%5c..%5c..%5cetc%5cpasswd
/....//....//....//etc/passwd
/..%2f..%2f..%2fetc%2fpasswd
/.htpasswd
/config/.htpasswd
/.env.passwd
/backup/.htpasswd
...

With almost 2,000 different tries—of which the above is a small sample—it seems someone is hell-bent on finding a passwd of some sorts. I don’t have one, OK?!