[ale] SSH configuraiton

James P. Kinney III jkinney at localnetsolutions.com
Mon Feb 10 12:19:11 EST 2003 

The persistence is due to the remote host IP address changing. Classic
case: remote host using dynamic DNS listing gets new IP address from
ISP. Next ssh connection grips about authenticity as the host key is
good but it is keyed to the IP address.

On Mon, 2003-02-10 at 11:24, Jerry Z. Yu wrote:
> 	if you really really don't care about host authenticity, you can 
> set 'StrictHostKeyChecking' to 'no', so ssh can automatically add new 
> host keys to the user known hosts files.
> 	 $HOME/.ssh/known_hosts should be persistent. Not sure why/what 
> you are referring to on its impersistence?
> 
> 
> On Mon, 10 Feb 2003, Jason Day wrote:
> 
> #On Mon, Feb 10, 2003 at 10:53:48AM -0500, cfowler wrote:
> #> I want to configure ssh_config so that the users do not get the
> #> following message.  I do not care about authenticity of hosts.  I jst
> #> want encryption.  The ~/.ssh/known_hosts file is not persistent across
> #> reboots so this message could become a little bit of a pain
> #
> #I don't think it can be done without a code change, since that would
> #defeat most of the point.  You might be able to work around it, though.
> #You say that ~/.ssh/known_hosts is not persistent, but could you make a
> #persistent known_hosts file?  If so, you could set the
> #StrictHostKeyChecking options to "yes" and the UserKnownHostsFile option
> #to a persistent known_hosts file, which you would have to maintain.  If
> #the server keys ever change, though, you will have to update the
> #known_hosts file, or your users won't be able to connect.
> #
> #Jason
> #-- 
> #Jason Day                                       jasonday at
> #http://jasonday.home.att.net                    worldnet dot att dot net
> # 
> #"Of course I'm paranoid, everyone is trying to kill me."
> #    -- Weyoun-6, Star Trek: Deep Space 9
> #_______________________________________________
> #Ale mailing list
> #Ale at ale.org
> #http://www.ale.org/mailman/listinfo/ale
> #
> 
> Jerry Z. Yu				+1-404-487-8544 (O)
> systems engineer			z.yu at voicecom.com
> is support, voicecom, llc		www.voicecom.com
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
-- 
James P. Kinney III          \Changing the mobile computing world/
CEO & Director of Engineering \          one Linux user         /
Local Net Solutions,LLC        \           at a time.          /
770-493-8244                    \.___________________________./
http://www.localnetsolutions.com

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) <jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 

 This is a digitally signed message part

More information about the Ale mailing list