[Bug 1993] ssh tries to add keys to ~/.ssh/known_hosts though StrictHostKeyChecking yes is set

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu May 28 17:45:37 AEST 2015


https://bugzilla.mindrot.org/show_bug.cgi?id=1993

--- Comment #8 from Damien Miller <djm at mindrot.org> ---
The hostkeys-00 at openssh.com extension has to be explicitly enabled via
UpdateHostKeys=yes|ask

The OP's question is the CheckHostIP option updating addresses for
hostnames it already knows about. We could probably clarify the
documentation for this behaviour, but if you want to avoid it use:

UserKnownHostsFile none
SystemKnownHostsFile /etc/ssh/known_hosts ~/.ssh/known_hosts

to get ssh to treat the known hosts file as a system (read-only) rather
than a user (r/w) file.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list