known unknown_hosts
OpenSSH maintains a file called "~/.ssh/known_hosts", where it stores the SSH keys of the hosts it's visited before in an attempt to avoid MITM attacks. This is good.
However, I have a range of IP addresses on this network here that are used for ever-changing hosts: customers' machines that are at my office, and which I need to temporarily give a network connection in order to allow them to download stuff (and because typing in an xterm on my laptop rather than on a different keyboard and to a different monitor is just so much more convenient). Therefore, I know that these IP addresses will change from time to time. At this point, known_hosts is an annoyance. And since I never connect to those hosts except from machines that I trust and/or through routers that I trust, there's no advantage to be gained in having the protection that known_hosts offers, anyway.
So, dear lazyweb: is there a way to tell OpenSSH that when it tries to connect to host A, B, or C, that it does not need to store stuff in known_hosts, and that it should just assume the key is valid?
Update: StrictHostKeyChecking no and UserKnownHostsFile /dev/null will do what I want. Obviously I do want to set these options in a specific Host stanza—i.e., not Host *.
Thanks, madduck!
Well, this isn't a pretty fix but it might work well enough, if instead of using the IP address you define the hosts in ~/.ssh/config as follows:
Then it'll use /dev/null as the known hosts file for that entry; you then use ssh person@somename instead of ssh person@ip.
It's not the cleanest thing in the world, but it should work.
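An added example, not part of the original post or its comments: a small Python audit of an ssh_config file that reports every stanza where host key verification is switched off and flags the ones that are not limited to named hosts. The sample configuration, host names and addresses are constructed, and Match criteria are only labelled, not evaluated.

```python
import re
import shlex

# Constructed sample ~/.ssh/config; host names and addresses are made up.
SAMPLE_CONFIG = """\
# Throwaway customer machines on the lab range
Host customer-a customer-b
    HostName 192.0.2.10
    StrictHostKeyChecking no
    UserKnownHostsFile /dev/null

Host bastion
    HostName bastion.example.net

Host *
    userknownhostsfile=/dev/null
"""

# Option values that switch off host key verification or persistence.
WEAKENING = {
    "stricthostkeychecking": {"no", "off"},
    "userknownhostsfile": {"/dev/null"},
}
# ssh_config accepts both "Keyword value" and "Keyword=value".
LINE = re.compile(r"^(\w+)(?:\s*=\s*|\s+)(.*)$")

def audit_host_key_checks(text):
    """Return (scope, option, value, verdict) for every weakened setting."""
    findings = []
    scope = ("<global>",)  # options before the first Host line apply to all hosts
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:  # blank line or comment
            continue
        keyword, args = m.group(1), shlex.split(m.group(2))
        key = keyword.lower()  # keywords are case-insensitive
        if key == "host":
            scope = tuple(args)
        elif key == "match":
            scope = ("Match " + " ".join(args),)
        elif args and all(a.lower() in WEAKENING.get(key, ()) for a in args):
            broad = scope in (("<global>",), ("Match all",)) or "*" in scope
            findings.append((scope, keyword, " ".join(args),
                             "TOO BROAD" if broad else "scoped"))
    return findings

if __name__ == "__main__":
    for scope, option, value, verdict in audit_host_key_checks(SAMPLE_CONFIG):
        print(f"{verdict:9}  Host {' '.join(scope)}: {option} {value}")
```

Run against the sample, the two options under the customer stanza come back as scoped, while the UserKnownHostsFile line under Host * is flagged because it would discard recorded keys for every host.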