Re: Disabling host key checking on LAN

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Are you connecting by specifying "ssh HOSTNAME" instead of "ssh IP.IP.IP.IP"?

If this is the case, then "Host 192.168.*.*" line never matches when
you think it should.

>From ssh_config manpage:
"The host is the hostname argument given on the command line (i.e. the
name is not converted to a canonicalized host name before matching)."

b.

On 27 August 2015 at 00:21, Walter Carlson <wlcrls47@xxxxxxxxx> wrote:
> If I want to specify for LAN addresses that I don't want to deal with host
> keys, how do I do that?  Understanding the risks, knowing almost everyone
> will say not to do this - it's a horrible idea, but deciding I want to do
> it anyway.  Tired of having to remove entries from known_hosts with the
> multiple VM's I have that often change fingerprints, and am willing to live
> with the risks.
>
> /etc/ssh/ssh_config
> Host 192.168.*.*
>    StrictHostKeyChecking no
>    UserKnownHostsFile /dev/null
>
> or
>    UserKnownHostsFile none
>
> Isn't doing the trick.  With no known_hosts file in ~/.ssh or /etc, I still
> get:
> The authenticity of host '<hostname> (192.168.2.2)' can't be established.
> ECDSA key fingerprint is SHA256:.....
> Are you sure you want to continue connecting (yes/no)?
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@xxxxxxxxxxx
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux