Describe the bug
It does not make a difference for when a program only has a single SSH2_SESSION. Mine, however, opens and closes many -- and loading the known hosts database for each one becomes expensive.

The obvious way is to have it loaded once -- but then that one session can not be freed, requiring one to keep a reference to it.

I ended up dedicating a session to just that -- the known-hosts database -- without any socket, but that's quite an overhead of its own, given the size of the struct _LIBSSH2_SESSION with all the buffers in it...

Why does libssh2_knownhost_init need a session-argument at all? Is it just so that the session-specific malloc/free are used to manipulate the memory?

To Reproduce
Try using the result of an earlier call libssh2_knownhost_init(session) after the libssh2_session_free(session) -- valgrind (or Purify) will flag it as "access after free".

Expected behavior
The known hosts database is local and independent of any session/connection. The API should reflect that.

Version (please complete the following information):

• OS and version: FreeBSD-13, RHEL7
• libssh2 version: 1.10.0, 1.8.0 respectively
• crypto backend and version: OpenSSL