Hello & thanks for reading. I'm having a problem configuring known_hosts from scripts so an accept key yes/no prompt doesn't appear. I'm using this command to detect if the server is known and add it to known_hosts: if ! ssh-keygen -F ${IP_ADDR} -f ~/.ssh/known_hosts > /dev/null 2>&1; t hen ssh-keyscan -p ${PORT} ${IP_ADDR} >> ~/.ssh/known_hosts; fi This works fine for the machine that has only one port (22) in sshd_config, but for a machine that is being accessed on a non-standard port (they happen to be different versions of Ubuntu as well, I don't think that's the difference), the code has to be changed to this: if ! ssh-keygen -F [${IP_ADDR}]:${PORT} -f ~/.ssh/known_hosts > /dev/null 2>&1; then ssh-keyscan -p ${PORT} ${IP_ADDR} >> ~/.ssh/known_hosts; fi And, as suggested for security, if I add -H to the ssh-keyscan, then the IP addresses are hashed and the if statement fails every time, no matter what so the keys are added over and over again. I figure I'm doing something wrong. Is there a generic way to cause ssh to generate keys for known_hosts consistently across multiple configurations with a hash? Thanks, Brian _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev