[Bug 1993] ssh tries to add keys to ~/.ssh/known_hosts though StrictHostKeyChecking yes is set

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed May 15 05:21:56 EST 2013


https://bugzilla.mindrot.org/show_bug.cgi?id=1993

alex at testcore.net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |alex at testcore.net
            Version|5.9p1                       |6.2p1

--- Comment #1 from alex at testcore.net ---
Also encountered this (on 6.2p1-1) and found that the
StrictHostKeyChecking option is entirely non-functional:

Set this up in ~/.ssh/config:

host 192.168.*,10.*
StrictHostKeyChecking no

But it has no effect when ssh'ing to any boxes in the defined networks.
 If a key is present in known_hosts file, but the host itself has
changed, it craps out with the "WARNING: REMOTE HOST IDENTIFICATION HAS
CHANGED!" message.

Uncommenting "StrictHostKeyChecking no" in /etc/ssh/ssh_config has the
same result.

Finally, even using the CLI option "-o StrictHostKeyChecking=no"
doesn't work and errors the same way.  And, If the key isn't present,
it still gets auto-saved:

>ssh -o StrictHostKeyChecking=no root at 192.168.1.1
Warning: Permanently added '192.168.1.1' (RSA) to the list of known
hosts.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list