hostkey checking

mouring mouring at
Wed Feb 20 03:04:03 EST 2002

On Tue, 19 Feb 2002, Frank Cusack wrote:
> On Tue, Feb 19, 2002 at 09:24:25AM +0100, Michal Svec wrote:
> > On Tue, 19 Feb 2002, Frank Cusack wrote:
> >
> > Do you have any objections including such an option in the standard
> > openssh? I think that having such possibility is a good thing in closed
> > (temporary) environments where the security needs not to be so paranoid.
> I'm not one of the openssh developers, but I think I can safely
> say there's no way such an option is going to make it into openssh.
> You're probably going to get a lot of flames just for suggesting it. :-)
I will object to it.

> > BTW could you please send me that patch?
> There are other easy ways to do this.  eg, use a quick one-line perl script
> to wipe the hostkeys out of .ssh/known_hosts:
>     perl -i -ne 'print unless /^test/' $HOME/.ssh/known_hosts
> or do something like
>    alias testssh "ssh -o UserKnownHostsFiles=/dev/null"
I think this is his best bet.  It is simple and requires zero
modifications to solve his problem.  And also keeps his known_hosts

- Ben

More information about the openssh-unix-dev mailing list