Agnus Dei (jackal) wrote in linux,
Agnus Dei
jackal
linux

How to log into a host via ssh and completely ignore host keys.

How to log into a host via ssh and completely ignore host keys.

[jackal@brads-mac]# ssh -o LogLevel=quiet -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no www.somehost.com date
Thu Jun 6 15:32:55 UTC 2013


How cool is that?

Completely ignores host keys. So you'll never see an error like this again:

[jackal@brads-mac]# ssh www.somehost.com
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
90:9c:46:ab:03:1d:30:2c:5c:87:c5:c7:d9:13:5d:75.
Please contact your system administrator.
Add correct host key in /home/user/.ssh/known_hosts to get rid of this message.
Offending key in /home/user/.ssh/known_hosts:1
Password authentication is disabled to avoid man-in-the-middle attacks.
Agent forwarding is disabled to avoid man-in-the-middle attacks.
X11 forwarding is disabled to avoid man-in-the-middle attacks.
Permission denied (publickey,password,keyboard-interactive).
$



Now to make it permanent:  Add the following lines to the beginning of the SSH configuration file (~/.ssh/config).

Host *.somehost.com
  StrictHostKeyChecking no
  UserKnownHostsFile=/dev/null
  LogLevel=quiet


You can ever remove your ~/.ssh/known_hosts file as it will no longer be needed or read anymore.
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your IP address will be recorded 

  • 13 comments