Summarize methods to disable host key checking while connecting ssh.
Environment and Prerequisite
- Linux
- SSH(OpenSSH)
Host Key Checking
- When we connect to remote server by using ssh, client compares client’s saved key and remote server’s key to authenticate server.
- This process prevents from Man-in-the-middle attack.
Disable Host Key Checking When Using SSH
- Remote host’s key will be added if there is no added key in
~/.ssh/known_hosts
. - Connect to remote server even though saved key is different from server’s key.
1. Disable when using ssh command
- Use
StrictHostKeyChecking=no
option.
ssh -o StrictHostKeyChecking=no [DOMAIN_OR_IP]
2. Edit ssh config file
~/.ssh/config
- Add option to specific host like below.
Host twpower-private-server
HostName [IP ADDRESS]
StrictHostKeyChecking no
Port 22
User [USERNAME]
IdentityFile [IDENTITY KEY FILE]
/etc/ssh/ssh_config
- There is
*
in config file. So this disables host key checking to all hosts. /etc/ssh/ssh_config
defines all the default settings for the client utilities for all users on that system.
Host *
StrictHostKeyChecking no