ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Probably not a good idea to disable entirely (see Man in the middle attacks) but look at StrictHostKeyChecking in ssh.conf
ssh automatically maintains and checks a database containing identifica-
tion for all hosts it has ever been used with. Host keys are stored in
~/.ssh/known_hosts in the user's home directory. Additionally, the file
/etc/ssh/ssh_known_hosts is automatically checked for known hosts. Any
new hosts are automatically added to the user's file. If a host's iden-
tification ever changes, ssh warns about this and disables password
authentication to prevent server spoofing or man-in-the-middle attacks,
which could otherwise be used to circumvent the encryption. The
StrictHostKeyChecking option can be used to control logins to machines
whose host key is not known or has changed.
Yes, I know. But I want to set up a basic environment within a shell script. In that I want to include the basic connection to a backup server (in order for the user not to have to say 'yes').
So I know the host key will be correct, but I just need to be able to say "yes" to it in an automatic way...
I also checked the sources of OpenSSH and it seems it is reading/writing from & to /dev/tty... Is there a possibility to say yes automatically?
Yes, I know. But I want to set up a basic environment within a shell script. In that I want to include the basic connection to a backup server (in order for the user not to have to say 'yes').
So I know the host key will be correct, but I just need to be able to say "yes" to it in an automatic way...
I also checked the sources of OpenSSH and it seems it is reading/writing from & to /dev/tty... Is there a possibility to say yes automatically?
Thanks for the 80%! :-) Have you actually tried it using a batch file yet? I'm running batch file ssh connects on a machine that has StrictHostKeyChecking set to 'ask' in the ssh_config, and it doesn't stop for any input. I have an idea that there is a special case for batch files, but can't find any reference to this.
####### StrictHostKeyChecking
#
# If this flag is set to "yes", ssh will never automatically add
# host keys to the $HOME/.ssh/known_hosts and
# $HOME/.ssh/known_hosts2 files, and refuses to connect to hosts
# whose host key has changed. This provides maximum protection
# against trojan horse attacks. However, it can be somewhat annoy-
# ing if you don"t have good /etc/ssh_known_hosts and
# /etc/ssh_known_hosts2 files installed and frequently connect to
# new hosts. This option forces the user to manually add all new
# hosts. If this flag is set to "no", ssh will automatically add
# new host keys to the user known hosts files. If this flag is set
# to "ask", new host keys will be added to the user known host
# files only after the user has confirmed that is what they really
# want to do, and ssh will refuse to connect to hosts whose host
# key has changed. The host keys of known hosts will be verified
# automatically in all cases. The argument must be "yes", "no"
# or "ask". The default is "ask"
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.