[Bug 1788] New: simple option to ignore known_hosts

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Wed Jun 30 05:03:50 EST 2010


https://bugzilla.mindrot.org/show_bug.cgi?id=1788

           Summary: simple option to ignore known_hosts
           Product: Portable OpenSSH
           Version: 5.5p1
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ssh
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: avalon at friendofpooh.com


Hello,

when one works with dynamic provisioning of machines, known_hosts
checks stop being an effective security measure and are PITA to deal
with.

For exmaple when one creates lots of Amazon EC2 cloud machines and
connects to them, one gets asked for confirmations as well known_hosts
get bloated with useless records. 

Could you implement a simple option to ignore known_host checks and
also not record fingerprints in known_hosts?

Currently my workaround is like:
Host *.amazonaws.com
   HashKnownHosts no
   CheckHostIP no
   StrictHostKeyChecking no
   UserKnownHostsFile /tmp/somefile

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list