发表新帖
发表新帖

ssh: The authenticity of host 'hostname' can't be established

前端 未结
关注
16 1098
时光取名叫无心
时光取名叫无心 2020-12-04 05:04

When i ssh to a machine, sometime i get this error warning and it prompts to say \"yes\" or \"no\". This cause some trouble when running from scripts that automatically ssh

相关标签:
16条回答
  • 悲&欢浪女
    2020-12-04 05:38

    Depending on your ssh client, you can set the StrictHostKeyChecking option to no on the command line, and/or send the key to a null known_hosts file. You can also set these options in your config file, either for all hosts or for a given set of IP addresses or host names.

    ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no

    EDIT

    As @IanDunn notes, there are security risks to doing this. If the resource you're connecting to has been spoofed by an attacker, they could potentially replay the destination server's challenge back to you, fooling you into thinking that you're connecting to the remote resource while in fact they are connecting to that resource with your credentials. You should carefully consider whether that's an appropriate risk to take on before altering your connection mechanism to skip HostKeyChecking.

    Reference.

    0 讨论(0)
  • 天涯浪人
    2020-12-04 05:39

    I had the same error and wanted to draw attention to the fact that - as it just happened to me - you might just have wrong privileges.
    You've set up your .ssh directory as either regular or root user and thus you need to be the correct user. When this error appeared, I was root but I configured .ssh as regular user. Exiting root fixed it.

    0 讨论(0)
  • 时光说笑
    2020-12-04 05:44

    This warning is issued due the security features, do not disable this feature.

    It's just displayed once.

    If it still appears after second connection, the problem is probably in writing to the known_hosts file. In this case you'll also get the following message:

    Failed to add the host to the list of known hosts

    You may fix it by changing owner of changing the permissions of the file to be writable by your user.

    sudo chown -v $USER ~/.ssh/known_hosts
    0 讨论(0)
  • 小鲜肉
    2020-12-04 05:45

    Edit your config file normally located at '~/.ssh/config', and at the beggining of the file, add the below lines 

    Host *
    User                   your_login_user
    StrictHostKeyChecking  no
    IdentityFile          ~/my_path/id_rsa.pub

    User set to your_login_user says that this settings belongs to your_login_user
    StrictHostKeyChecking set to no will avoid the prompt
    IdentityFile is path to RSA key

    This works for me and my scripts, good luck to you.

    0 讨论(0)
  • 时光说笑
    2020-12-04 05:45

    The following steps are used to authenticate yourself to the host

    1. Generate a ssh key. You will be asked to create a password for the key
    ssh-keygen -f ~/.ssh/id_ecdsa -t ecdsa -b 521

    (above uses the recommended encryption technique)

    1. Copy the key over to the remote host
    ssh-copy-id -i ~/.ssh/id_ecdsa user@host

    N.B the user @ host will be different to you. You will need to type in the password for this server, not the keys password.

    1. You can now login to the server securely and not get an error message.
    ssh user@host

    All source information is located here: ssh-keygen

    0 讨论(0)
  • 名媛妹妹
    2020-12-04 05:46

    Add these to your /etc/ssh/ssh_config

    Host *
UserKnownHostsFile=/dev/null
StrictHostKeyChecking=no
    0 讨论(0)
 看不清?
提交回复
热议问题