SCP support for -o StrictHostKeyChecking=no broken
Francois Isabelle
isabellf at sympatico.ca
Tue Oct 23 10:17:54 EST 2012
Yeah, I should have tried this before but I only checked the bug list and didn't find any report. One thing to note though is that my system wide configuration has 'ask' set for this option. I'll try to reproduce on recent versions soon.
Thank you
Frank
Darren Tucker <dtucker at zip.com.au> a écrit :
>On Mon, Oct 22, 2012 at 03:21:06PM -0400, François Isabelle wrote:
>> With SCP, it seems like the option precedence is ignored.
>> Although this seems to work well with SSH.
>[...]
>> $ssh -V
>> OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
>
>Can you reproduce this with a current version? Works for me:
>
>$ scp -o stricthostkeychecking=yes /tmp/a localhost:/tmp/b
>No RSA host key is known for doesnotexist and you have requested strict
>checking.
>Host key verification failed.
>lost connection
>
>$ scp -o stricthostkeychecking=no /tmp/a localhost:/tmp/b
>Warning: Permanently added 'doesnotexist' (RSA) to the list of known
>hosts.
>a 100% 0 0.0KB/s 00:00
>
>$ ssh -V
>OpenSSH_6.1, OpenSSL 1.0.1c 10 May 2012
>
>--
>Darren Tucker (dtucker at zip.com.au)
>GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
> Good judgement comes with experience. Unfortunately, the experience
>usually comes from bad judgement.
>
More information about the openssh-unix-dev
mailing list