How to disable strict host key checking in ssh?
I would like to disable strict host key checking in ssh
for Ubuntu 11.04. How to do it?
Solution 1:
In your ~/.ssh/config
(if this file doesn't exist, just create it):
Host *
StrictHostKeyChecking no
This will turn it off for all hosts you connect to. You can replace the *
with a hostname pattern if you only want it to apply to some hosts.
Make sure the permissions on the file restrict access to yourself only:
sudo chmod 400 ~/.ssh/config
Solution 2:
Rather than adding it to your ~/.ssh/config
file for all Host *, it would be a safer to specify a particular host.
You can also pass a parameter on the command-line like this:
ssh -o StrictHostKeyChecking=no yourHardenedHost.com
This will automatically add the host key to your known_hosts file if it's not already there.
If there's a mismatch, it will display a big warning and not update known_hosts. It will also disable password-based authentication to prevent MITM attacks. Private key authentication will still automatically get through though, which you may not want.