[Bug 1788] New: simple option to ignore known_hosts
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Wed Jun 30 05:03:50 EST 2010
https://bugzilla.mindrot.org/show_bug.cgi?id=1788
Summary: simple option to ignore known_hosts
Product: Portable OpenSSH
Version: 5.5p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: avalon at friendofpooh.com
Hello,
when one works with dynamic provisioning of machines, known_hosts
checks stop being an effective security measure and are PITA to deal
with.
For exmaple when one creates lots of Amazon EC2 cloud machines and
connects to them, one gets asked for confirmations as well known_hosts
get bloated with useless records.
Could you implement a simple option to ignore known_host checks and
also not record fingerprints in known_hosts?
Currently my workaround is like:
Host *.amazonaws.com
HashKnownHosts no
CheckHostIP no
StrictHostKeyChecking no
UserKnownHostsFile /tmp/somefile
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list