When you connect to a ssh server for the first time, you will be shown a fingerprint, a hash of its full host key, and asked to confirm its validity, and accept the host key. Once confirmed, the host key will be added to ~/.ssh/known_hosts file. However, in a controlled environment where the authenticity of ssh hosts is already known, you may want to automatically accept a new host key without checking. This will be useful when you ssh/scp in a non-interactive batch processing script.
In this post, I will describe how to automatically accept ssh host keys on Linux.
The ssh command allows you to use "-oStrictHostKeyChecking=[yes|no]" command line option to enable or disable ssh host key checking. To ssh without strict host key checking, run the following.
In this case, you will not be prompted to accept a host key. Note that you may still see "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED" message if the host key does not match with a previously added host key of the same host. If you don't want any such warning, you can use "-oUserKnownHostsFile=/dev/null" option, which makes ssh not use ~/.ssh/known_hosts, and so makes such warnings disappear.
If you want to disable strict host key checking permanently in ssh, you can use ssh configuration (i.e., ~/.ssh/config or /etc/ssh/ssh_config). In this case, you can selectively disable ssh host key checking for particular hosts. For example, add the following to either ~/.ssh/config or /etc/ssh/ssh_config.
To disable host key checking for a particular host (e.g., remote_host.com):
Host remote_host.com StrictHostKeyChecking no
To turn off host key checking for all hosts you connect to:
Host * StrictHostKeyChecking no
To avoid host key verification, and not use known_hosts file for 192.168.1.* subnet:
Host 192.168.0.* StrictHostKeyChecking no UserKnownHostsFile=/dev/null
Subscribe to Xmodulo
You can have daily Linux tutorials and FAQs delivered to your email inbox. Simply enter your email address below to subscribe to our mailing list. You will receive hands-on guides and carefully written tutorials related to Linux, everything for free.