[Bug 3226] Feature request: Prempt fingerprint prompt when connecting to new server

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Oct 30 18:02:29 AEDT 2020


https://bugzilla.mindrot.org/show_bug.cgi?id=3226

Darren Tucker <dtucker at dtucker.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dtucker at dtucker.net

--- Comment #1 from Darren Tucker <dtucker at dtucker.net> ---
You can automate #1 by abusing SSH_ASKPASS.  It's pretty clunky though, 
plus it'll end poorly if you need to interact to authenticate.

$ ssh -o hostkeyalias=test localhost
The authenticity of host 'test (127.0.0.1)' can't be established.
ED25519 key fingerprint is SHA256:[etc].
Are you sure you want to continue connecting (yes/no/[fingerprint] ^C

$ cat >~/bin/askpass
#!/bin/sh
echo SHA256:[etc]
^D
$ chmod a+x ~/bin/askpass
$ SSH_ASKPASS=~/bin/askpass SSH_ASKPASS_REQUIRE=force ssh -o
hostkeyalias=test localhost
Warning: Permanently added 'test' (ED25519) to the list of known hosts.
Last login: ...

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list