Bypass SSH fingerprint check
I have spent years trying to work out how to bypass the fingerprint check when you start an SSH session to a new host. Finally, I have found it… and it’s easy.
Why would you want to… I know the reason the ssh command does not allow you to do this is for security reasons, but if you are monitoring a host from a list, and need to keep the list dynamic you don’t want to have to keep logging in and then setting up the keys for the first time. ssh-keyscan to the rescue.
Here is a really simple example of how to use it (you must supply the hostname as the first parameter).
#!/bin/sh
function addHost() {
mkdir -p $HOME/.ssh
touch $HOME/.ssh/known_hosts
chmod 644 $HOME/.ssh/known_hosts
pkey=`grep $1 $HOME/.ssh/known_hosts`
if [ "$pkey" = "" ]
then
echo "Adding $1 to known hosts"
ssh-keyscan -t rsa $1 >> $HOME/.ssh/known_hosts
fi
}
if [ "$1" = "" ]
then
echo "usage: `basename $0` <host> [<ssh>]"
exit 1
fi
addHost $1
ssh $*
Just add:
-o StrictHostKeyChecking=no
to the command line and it will autoadd the hosts it sees without challenge
Thanks for the great suggestion. I wish I found it sooner as I never thought you could disable/ignore known host (fingerprint) prompt soo easily.