Temporarily ignore my `~/.ssh/known_hosts` file?

Solution 1:

You can use ssh -o StrictHostKeyChecking=no to turn off checking known_hosts momentarily. But I'd advise against this. You should really check why the host key has changed.

Another option is to add a specific entry to your ~/.ssh/config for the host in question. This might be valid approach if you have a certain host which generates new host keys every time it reboots and it gets rebooted for a valid reason several times a day.

Host <your problematic host>
  StrictHostKeyChecking no

Solution 2:

To completely ignore your known hosts file in a POSIX environment, set the GlobalKnownHostsFile and UserKnownHostsFile options to /dev/null:

ssh -o GlobalKnownHostsFile=/dev/null -o UserKnownHostsFile=/dev/null user@host

Setting the StrictHostKeyChecking=no option will allow you to connect but SSH will still show a warning:

ssh -o StrictHostKeyChecking=no user@host

As others have noted, it's probably better to address the underlying issue. You could consider SSH certificate authentication to verify hosts, for example.

Solution 3:

If you have reinstalled the server and therefore the Identification has changed, you should just delete the specified line 155 from /Users/alexus/.ssh/known_hosts and go ahead.

If you switch between different private networks, you should use hostnames to connect instead, as the ssh client will also save keys depending on the hostname. Add something like this to your /etc/hosts:

10.52.11.171 server1
10.52.11.171 server2

and then use ssh server1 when connected to subnet 1 and ssh server2 when connected to subnet2. This way, both servers can have different hostkeys.

Solution 4:

-o StrictHostKeyChecking=no only works if host isn't already present in known_hosts file.

I think it is cleaner (no warnings), if you expect hosts key to change maybe due to vm cloning, to enforce ignoring of those kind of hosts like this:

# Handle possible SSH key changes
host_key=$(ssh-keyscan -t rsa ${host_ip})
grep "${host_key}" ~/.ssh/known_hosts >/dev/null || {
    ssh-keygen -R ${host_ip}
    echo ${host_key} >>  ~/.ssh/known_hosts
}

# connect as normal way
ssh root@${host_ip} "hostname"

Solution 5:

Some people say its not right, you don't shold do this and so on, but i need this also to test couple of embedded devices over and over again. You need to disable StrictHostKeyChecking=no, this is right, but also reset known hosts file to /dev/null. Here an exemple with autologin and ps on remote device.

sshpass -p pass ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null user@host 'ps ax'

Tags:

Linux

Ssh

Recent Posts