Flag to turn off host-key check
Michael Loftis
mloftis at wgops.com
Sat Jun 21 05:17:10 EST 2008
Sorry I hit send before I finished composing....
Using that option in combination with some form of DDNS update script and
VerifyHostKeyDNS would get you what you want, with current software. It is
a workaround, yes.
--On June 20, 2008 1:14:04 PM -0600 Michael Loftis <mloftis at wgops.com>
wrote:
>
> --On June 20, 2008 11:04:18 AM -0700 Tobias Karlsson
> <jtkarlsson1973 at yahoo.com> wrote:
>
>> Let me start by saying that I think OpenSSH is a great tool and thanks to
>> everyone contributing to it's existence.
>>
>> However, I have a request:
>>
>> I'd like to have a flag that ignores the check of the host key. I'm fully
>> aware of that this opens up for man-in-the-middle attacks and that there
>> is a risk of lazy users mis-using this feature, but it would be very
>> useful for us using SSH in a lab environment where the host key of the
>> equipment frequently changes.
>
> StrictHostKeyChecking [yes|no|ask] defaults to ask.
>
> ssh -o 'StrictHostKeyChecking no'
> or in ~/.ssh/config/.
>
>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> openssh-unix-dev mailing list
>> openssh-unix-dev at mindrot.org
>> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
>
>
> --
> "Genius might be described as a supreme capacity for getting its
> possessors into trouble of all kinds."
> -- Samuel Butler
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
--
"Genius might be described as a supreme capacity for getting its possessors
into trouble of all kinds."
-- Samuel Butler
More information about the openssh-unix-dev
mailing list