Date: Fri, 25 Apr 2008 17:09:39 +0100 From: Anton Shterenlikht <mexas@bristol.ac.uk> To: freebsd-questions@freebsd.org Subject: ssh StrictHostKeyChecking=no refuse connection when key changed Message-ID: <20080425160939.GA9863@mech-aslap33.men.bris.ac.uk>
next in thread | raw e-mail | index | archive | help
Is it normal that StrictHostKeyChecking=no in .ssh/config still refuses ssh connection when host ID has changed. I've a setup in which host ids change frequently. How can I setup ssh so that it ignores key change. % ssh -oPort=xxxxx xx.xx.xx.xx @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the DSA host key has just been changed. The fingerprint for the DSA key sent by the remote host is [skip] Please contact your system administrator. Add correct host key in /home/mexas/.ssh/known_hosts to get rid of this message. Offending key in /home/mexas/.ssh/known_hosts:1 Password authentication is disabled to avoid man-in-the-middle attacks. Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks. Permission denied (publickey,password). % many thanks anton -- Anton Shterenlikht Room 2.6, Queen's Building Mech Eng Dept Bristol University University Walk, Bristol BS8 1TR, UK Tel: +44 (0)117 928 8233 Fax: +44 (0)117 929 4423
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080425160939.GA9863>