known_hosts question for Ubuntu Server 14.04 and 16.04 LTS
Brian McKee
btmckee9 at gmail.com
Sun Jan 29 06:15:54 AEDT 2017
Hello & thanks for reading.
I'm having a problem configuring known_hosts from scripts so an accept
key yes/no prompt doesn't appear.
I'm using this command to detect if the server is known and add it to
known_hosts:
if ! ssh-keygen -F ${IP_ADDR} -f ~/.ssh/known_hosts > /dev/null 2>&1; then ssh-keyscan -p ${PORT} ${IP_ADDR} >> ~/.ssh/known_hosts; fi
This works fine for the machine that has only one port (22) in
sshd_config, but for a machine that is being accessed on a
non-standard port (they happen to be different versions of Ubuntu as
well, I don't think that's the difference), the code has to be changed
to this:
if ! ssh-keygen -F "[${IP_ADDR}]:${PORT}" -f ~/.ssh/known_hosts > /dev/null 2>&1; then ssh-keyscan -p ${PORT} ${IP_ADDR} >> ~/.ssh/known_hosts; fi
And, as suggested for security, if I add -H to the ssh-keyscan, then
the IP addresses are hashed and the if statement fails every time, no
matter what, so the keys are added over and over again.
I figure I'm doing something wrong. Is there a generic way to cause
ssh to generate keys for known_hosts consistently across multiple
configurations with a hash?
Thanks,
Brian
More information about the openssh-unix-dev mailing list
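As an added example (not code from the original post or from OpenSSH), the following script does the lookup-then-add step in a way that uses the same known_hosts name for every configuration: ssh itself records a port-22 host as plain "host" and any other port as "[host]:port", and both a hashed (-H) line and the ssh-keygen -F lookup are computed over that exact string, so building it in one place keeps the check and the append consistent. It also adds the check a practitioner would want before appending anything that ssh-keyscan returns: ssh-keyscan trusts whatever key the network hands it, so the script compares the scanned key's fingerprint with an expected value supplied out of band. The KNOWN_HOSTS variable, the function names, and the expected-fingerprint argument are assumptions introduced here for illustration; the fingerprint format is whatever the local ssh-keygen -lf prints (SHA256 on OpenSSH 6.8 and later, MD5 hex on older releases such as the one in Ubuntu 14.04).

```shell
#!/bin/sh
# Added example, not from the original post or from OpenSSH.
# Idempotently add one host key to a known_hosts file in hashed form, using
# the same name that ssh looks up when it connects.

# ssh writes port-22 hosts as "host" and every other port as "[host]:port".
# ssh-keyscan -H hashes exactly that string, and ssh-keygen -F hashes its
# argument the same way before comparing, so the lookup must use this form.
known_hosts_name() {
    host=$1
    port=${2:-22}
    if [ "$port" = 22 ]; then
        printf '%s\n' "$host"
    else
        printf '[%s]:%s\n' "$host" "$port"
    fi
}

# Exit 0 if the host already has an entry (hashed or plain) in KNOWN_HOSTS
# (assumed variable; defaults to ~/.ssh/known_hosts). Quoting the argument
# matters: an unquoted "[host]:port" is a glob pattern to the shell.
host_is_known() {
    ssh-keygen -F "$(known_hosts_name "$1" "$2")" \
        -f "${KNOWN_HOSTS:-$HOME/.ssh/known_hosts}" >/dev/null 2>&1
}

# Scan one key type, verify its fingerprint against a value obtained out of
# band, and only then append the hashed line.
# Usage: add_known_host HOST PORT KEYTYPE EXPECTED_FINGERPRINT
add_known_host() {
    host=$1; port=${2:-22}; keytype=$3; expected=$4
    kh=${KNOWN_HOSTS:-$HOME/.ssh/known_hosts}

    if host_is_known "$host" "$port"; then
        return 0
    fi

    tmp=$(mktemp) || return 1
    # -H hashes the host field; -t limits the scan to one key type so exactly
    # one line comes back and the fingerprint comparison is unambiguous.
    if ! ssh-keyscan -H -p "$port" -t "$keytype" "$host" > "$tmp" 2>/dev/null \
        || ! [ -s "$tmp" ]; then
        rm -f "$tmp"
        echo "keyscan of $host:$port failed" >&2
        return 1
    fi

    # ssh-keygen -lf accepts a known_hosts file and prints
    # "<bits> <fingerprint> <host-field> (<type>)" per line.
    actual=$(ssh-keygen -lf "$tmp" | awk '{print $2}')
    if [ "$actual" != "$expected" ]; then
        rm -f "$tmp"
        echo "fingerprint mismatch for $host:$port: got $actual, expected $expected" >&2
        return 2
    fi

    cat "$tmp" >> "$kh" && rm -f "$tmp"
}

# Example call (constructed values; the fingerprint must come from the
# server's administrator, not from the scan itself):
# add_known_host 192.0.2.10 2222 ed25519 'SHA256:...'
```

Because the file only ever receives lines that ssh-keyscan -H produced, every entry is hashed and the lookup name never has to be guessed; setting HashKnownHosts yes in ssh_config keeps later additions made by ssh itself consistent with it, and ssh-keygen -H -f FILE rewrites any remaining plain entries in place.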