I often create and destroy a virtual machine multiple times in development. SSH records the host and key and often complains about a changed value for a given key. As I am attempting to automate more and more, I need to be able to communicate with these recreated hosts without dealing with the warning messages.
#!/bin/sh
if test "$#" -lt 1
then
echo "usage $0 "
echo
echo "Will remove the ipaddress from the known hosts file,"
echo "and then make an ssh call to the host without strict,"
echo "host checking to repopulate it. This is risky if you"
echo "do not know for certain that you are talking to the"
echo "correct host."
exit 1
fi
IPADDR=$1
if test "$#" -eq 2
then
USERNAME=$2
else
USERNAME=centos
fi
sed -i.bak '/^$IPADDR/d' ~/.ssh/known_hosts
ssh -o "StrictHostKeyChecking=no" $USERNAME@$IPADDR hostname
I am using xip.io for that. With the following configuration for SSH:
Host *.xip.io
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentitiesOnly yes
LogLevel FATAL
I use sshpass for these cases.
sshpass -p PASSWORD ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null root@1.2.3.4
Well, not exactly for these, but as part of. `-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null` are ssh args.
Or, just use `ssh-keygen -R` 🙂
Why not ssh-keygen -R ?
ssh-keygen -R example.com
So, I think a bunch of you are misunderstanding the use case. Yes, ssh-keygen -R is what I want for the firstpart; and is better than the sed line…I’ll use that.
I want the key based verification, and in general I want the strict checking, just not this particular time, as I just regenerated the VM. The OpenStack boot process will put the right keys in place. It is just the VM that has changed, buit I am doing this in the middle of changing it, so I know the old host entry is bad.