[X-Unix] SSH trouble

Stroller MacMonster at myrealbox.com
Fri Mar 18 09:15:42 PST 2005


On Mar 18, 2005, at 3:31 am, Dmytro Koval'ov wrote:
>
> What you can do (warning: this wiil disable host sanity checking, so
> do this only if you know for sure, that yuo are connecting to right
> host).
>
> 1) add line
> StrictHostKeyChecking no to ~/.ssh/ssh_config
> 2)
>   $ rm ~/.ssh/known_hosts
>   $ ln -s /dev/null ~/.ssh/known_hosts
>
> This way your local host ignores the fact that there's is no line in
> known_hosts corresponding to remote machine, gives you a warning about
> adding new line and adds new line to /dev/null.
>
> Tested. Proved to work.

That's pretty questionable security tho'. If you ssh to multiple 
machines on a regular basis, then you have ensured that you will never 
check the key on any of them. Better to just ignore dodgy keys on a 
per-host basis.

I have the following line in my .bash_profile:
   alias ssg="ssh -o StrictHostKeyChecking=no -o 
UserKnownHostsFile=/dev/null"

So if I want to ssh to a machine on which the host key is likely to 
change on a regular basis I just `ssg machineIamInstallingFromLiveCD`. 
It squaks about adding a key to the known hosts file, but only for the 
duration of this session that's the bitbucket, the same as you have it. 
I'm pretty sure I tried `alias ssg="ssh -q -o StrictHostKeyChecking=no 
-o UserKnownHostsFile=/dev/null"` but that that failed to report some 
other errors correctly.

Stroller.



More information about the X-Unix mailing list