Thursday, January 17, 2013

Configuring SSH to Disable Host Key Checking

I often use scp to copy files between Linux/Windows systems, and ssh to remotely log in. In our work environment, we frequently redeploy new virtual machine ISOs. This causes scp and ssh to complain because the host's key has changed. Following the steps at I found at Linux Commando, here is how to configure SSH to disable the standard check for keys. NOTE: This can prevent SSH from detecting a real man-in-the-middle attack, so use with caution. I have configured this to only work with internal IP's. There are two ways to do this. The once-only way is from the command line:
$ ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no
This tells ssh to use /dev/null for the known_hosts file, and to not use strict host key checking. For a more permanent way, put the following into the beginning of your ~/.ssh/config:
Host 192.168.*
StrictHostKeyChecking no
(In my case 192.168.* refers to the internal network. Your environment may be different.)

This works on both Linux and Cygwin.

No comments: