Disabling host key checking on LAN

Bostjan Skufca bostjan at a2o.si
Sat Aug 29 00:37:19 AEST 2015


On 28 August 2015 at 15:10, Nico Kadel-Garcia <nkadel at gmail.com> wrote:
>
> In environments where critical server hostnames and IP addresses are
> not tied to consistent SSH keys, I'm afraid there is little choice but
> to discard the use of known_hosts.
>

Shouldn't in such complex environments configuration management
pre-generate known_hosts from collected facts from hosts?

I know it is a hassle, but having a fuse that ensures that you are indeed
connecting to what you think you are connecting to is something worth
having, or not?

b.


More information about the openssh-unix-dev mailing list