[Gllug] Persuading ssh to be less fussy for one nominated target host
Alain Williams
addw at phcomp.co.uk
Sun Jul 8 19:08:05 UTC 2007
On Sun, Jul 08, 2007 at 07:12:24PM +0100, John Winters wrote:
> I've been fiddling with my ssh settings to try to get it be a bit less
> paranoid when I connect to my test system. I'm continually
> re-installing it and currently I have to edit ~/.ssh/known_hosts each
> time and remove the previous entries for that box.
>
> I've tried putting
>
> StrictHostKeyChecking no
>
> in /etc/ssh/ssh_config (under the entry for that one particular host of
> course) but ssh still won't let me connect until I edit the old entries
> out of ~/.ssh/known_hosts
>
> Does anyone know of a way to tell ssh not to fuss so?
Quite simply -- don't.
Editing ~/.ssh/known_hosts is very little extra overhead on an install,
if you disable this check: you lay yourself open to a man in the middle attack
some time in the future.
The check is there to protect you.
--
Alain Williams
Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256 http://www.phcomp.co.uk/
Parliament Hill Computers Ltd. Registration Information: http://www.phcomp.co.uk/contact.php
#include <std_disclaimer.h>
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list