Tuesday, 5 October 2021

Disable host key checking while connecting ssh in Linux

 

Environment and Prerequisite

  • Linux
  • SSH(OpenSSH)


Host Key Checking

  • When we connect to remote server by using ssh, client compares client’s saved key and remote server’s key to authenticate server.
  • This process prevents from Man-in-the-middle attack.


Disable Host Key Checking When Using SSH

  • Remote host’s key will be added if there is no added key in ~/.ssh/known_hosts.
  • Connect to remote server even though saved key is different from server’s key.


1. Disable when using ssh command

  • Use StrictHostKeyChecking=no option.
ssh -o StrictHostKeyChecking=no [DOMAIN_OR_IP]


2. Edit ssh config file

~/.ssh/config

  • Add option to specific host like below.
Host twpower-private-server
    HostName [IP ADDRESS]
    StrictHostKeyChecking no
    Port 22
    User [USERNAME]
    IdentityFile [IDENTITY KEY FILE]

/etc/ssh/ssh_config

  • There is * in config file. So this disables host key checking to all hosts.
  • /etc/ssh/ssh_config defines all the default settings for the client utilities for all users on that system.
Host *
    StrictHostKeyChecking no


-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)