Login or Register to Ask a Question and Join Our Community


Solaris

ssh and fingerprint

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Solaris ssh and fingerprint
# 1  
Old 03-26-2008
ssh and fingerprint
hello

any way to avoid the fingerprint authenticity step when I ssh the first time to a server by always setting a 'yes' as a default answer?

thanks
# 2  
Old 03-26-2008
I don't think so, unless you wrap the whole login process in expect script,
Code:
expect *yes*no*
send "yes\r"

# 3  
Old 03-26-2008
Hello and thanks for your reply

I will install expect. However, I did not get how to "wrap" the ssh with expect. Can you please tell me how you use expect with ssh?

thank you for your support.
# 4  
Old 03-26-2008
Edit ssh_config and change this line:
Code:
#   StrictHostKeyChecking ask

to
Code:
 StrictHostKeyChecking no

... if the fiingerprint is not in known_hosts, it will be added automatically.

.. and that is ssh_config , not sshd_config
# 5  
Old 03-27-2008
I am sorry but setting StrictHostKeyChecking to no has no effect.
# 6  
Old 03-27-2008
A wrapper is typically a script in your $HOME/bin with the name of the command you want to invoke. So -- provided your PATH is correctly set up -- the wrapper takes precedence, and is executed instead of the system command. It is then free to rearrange things, and eventually invoke the system version of the command (by using a full path to the system command, for example).
# 7  
Old 03-27-2008
Quote:
The option StrictHostKeyChecking specifies whether or not ssh will automatically add new host keys to the $HOME/.ssh/known_hosts file, or never automatically add new host keys to the host file. This option, when set to yes, provides maximum protection against Trojan horse attacks. One interesting procedure with this option is to set it to no at the beginning, allow ssh to add automatically all common hosts to the host file as they are connected to, and then return to set it to yes to take advantage of this feature.
- this is what I found in internet, but that definitely doesn't work, I know about the option, but the question is being asked all the time.
Wrapping up the whole process in expect script would make sense for automated tasks, but for user experience, just enter Yes Smilie
Login or Register to Ask a Question

Previous Thread | Next Thread

6 More Discussions You Might Find Interesting

1. Windows & DOS: Issues & Discussions

Accept fingerprint automaticaly secureCRT

Hello, Is it any way to accept automaticaly the fingerprints? The basic idea is to find a way to give a command to many servers at once. So i thought to create a multiple session with all the connections opened them in multiple tabs and give the command at once to all the opened windows... (0 Replies)
Discussion started by: @dagio
0 Replies

2. UNIX for Dummies Questions & Answers

How to change the RSA key fingerprint?

Hi there, I have a Linux Debian machine with the following fingerprint : e1:95:11:46:ff:d1:e3:4a:a3:34:1a:25:b4:d8:f1:cb. I'd like to set this fingerprint to : cd:19:bd:f6:8e:00:7a:69:14:52:a1:73:cb:15:a5:ca. I have very specific reasons to do that. So please only answer if you know how... (5 Replies)
Discussion started by: chebarbudo
5 Replies

3. Shell Programming and Scripting

Capture RSA fingerprint from ssh response

Hi. I'm trying to automate access to an Amazon Web Services machine instance. What this means is that my script is trying to use ssh to connect to a new server every time. I know the RSA fingerprint of my new server through an out-of-band channel. I would like to capture the RSA fingerprint... (0 Replies)
Discussion started by: chorlton
0 Replies

4. Shell Programming and Scripting

RSA key fingerprint needs to be avoided.

Hi All, I need to scp a folder from one host to another in a script. When I run a command , it asks me to authenticate for the RSA key fingerprint for the first time. # scp -r temp1 root@iqcarrot:/root/ The authenticity of host 'iqmango.apac.avaya.com (148.147.172.112)' can't be... (2 Replies)
Discussion started by: nua7
2 Replies

5. UNIX for Dummies Questions & Answers

Register RSA Key fingerprint with JVM 1.4.2

Hi, We wish to register RSA key fingerprint with JVM 1.4.2 under UNIX environment. Any inputs how to go for it? The output we are getting as "The authenticity of host 'sxfer01.bluecrossmn.com (159.136.224.30)' can't be established. RSA key fingerprint is... (0 Replies)
Discussion started by: asawari
0 Replies

6. Cybersecurity

ssh DSA Key fingerprint option

Hi, I have an cron-script running ssh every 5 minutes. After a reboot cron errors as ssh is wating for a DSA key fingerprint authenticy. The request looks as following : The authenticity of host '*** (*.*.*.0)' can't be established. DSA key fingerprint is... (1 Reply)
Discussion started by: davidg
1 Replies
Login or Register to Ask a Question