Struct HashedHost 

pub struct HashedHost {
    pub salt: [u8; 20],
    pub hash: [u8; 20],
    pub fingerprint: String,
}

One HashKnownHosts yes entry (M19, FR-84).

OpenSSH replaces the plaintext host column with |1|salt|hash so a casual reader of the known_hosts file cannot enumerate connected hosts. The salt is 20 random bytes (matching HMAC-SHA1’s output width); the hash is HMAC-SHA1(key=salt, data=hostname). Use HashedHost::matches to test a candidate hostname against the stored hash.

Multiple comma-separated |1|... tokens on one source line produce one HashedHost per token, all sharing the same fingerprint.

Fields

salt: [u8; 20]

Per-line random salt used as the HMAC-SHA1 key. Always 20 bytes.

hash: [u8; 20]

HMAC-SHA1(salt, hostname) for the hostname this entry covers. Always 20 bytes.

fingerprint: String

Fingerprint of the host key, e.g. SHA256:uNiVztksCs.... Shared across every HashedHost derived from the same source line.

Implementations

impl HashedHost

pub fn matches(&self, host: &str) -> bool

Returns true iff host is the hostname this entry encodes.

Runs HMAC-SHA1(self.salt, host.as_bytes()) and compares against the stored hash with constant-time equality (via HMAC::verify, which uses [subtle] internally). False on mismatch — never errors.

Trait Implementations

impl Clone for HashedHost

fn clone(&self) -> HashedHost

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for HashedHost

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl PartialEq for HashedHost

fn eq(&self, other: &HashedHost) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Eq for HashedHost

impl StructuralPartialEq for HashedHost