Resetting a Known Host for SSH

I often create and destroy a virtual machine multiple times in development. SSH records each host and its key, and complains when the key recorded for a host has changed. As I am attempting to automate more and more, I need to be able to communicate with these recreated hosts without dealing with the warning messages.


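    #!/bin/sh
    # Remove a host's entry from known_hosts, then reconnect to record its new key.

    if test "$#" -lt 1
    then
        echo "usage: $0 IPADDR [USERNAME]"
        echo
        echo "Will remove the ipaddress from the known hosts file,"
        echo "and then make an ssh call to the host without strict"
        echo "host checking to repopulate it.  This is risky if you"
        echo "do not know for certain that you are talking to the"
        echo "correct host."

        exit 1
    fi

    IPADDR=$1

    # Optional second argument: login user (defaults to centos).
    if test "$#" -eq 2
    then
        USERNAME=$2
    else
        USERNAME=centos
    fi

    # Double quotes so the shell expands $IPADDR; inside single quotes sed
    # would see the literal text and never match. Dots are escaped and the
    # trailing [ ,] stops 10.0.0.1 from also matching 10.0.0.10.
    PATTERN=$(printf '%s' "$IPADDR" | sed 's/\./\\./g')
    sed -i.bak "/^$PATTERN[ ,]/d" ~/.ssh/known_hosts
    ssh -o "StrictHostKeyChecking=no" "$USERNAME@$IPADDR" hostname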
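
A stricter variant of the same reset, as an added example that is not the author's script: it drops the stale entry with `ssh-keygen -R` and records the new key only if its fingerprint matches one obtained out of band, so strict checking never has to be switched off. It assumes the new VM's host key fingerprint is available from somewhere trusted, such as the instance console log; `pin_if_match`, `key_fingerprint` and `KNOWN_HOSTS` are names made up for this example.

```sh
#!/bin/sh
# Added example (not from the original post): replace a stale known_hosts
# entry only when the scanned key matches a fingerprint obtained out of band.
# pin_if_match, key_fingerprint and KNOWN_HOSTS are this example's own names.

KNOWN_HOSTS="${KNOWN_HOSTS:-$HOME/.ssh/known_hosts}"

# Print the SHA256 fingerprint of one key line read from stdin.
key_fingerprint() {
    ssh-keygen -l -E sha256 -f - 2>/dev/null | awk 'NR == 1 { print $2 }'
}

# pin_if_match HOST EXPECTED_FP
# Reads ssh-keyscan style lines ("host keytype base64") on stdin. If one of
# them has EXPECTED_FP, drops the old entries for HOST and records that key.
# Otherwise leaves known_hosts untouched and returns non-zero.
pin_if_match() {
    host=$1
    expected=$2
    match=
    [ -n "$expected" ] || return 2
    while IFS= read -r line; do
        case $line in ''|'#'*) continue ;; esac
        fp=$(printf '%s\n' "$line" | key_fingerprint)
        if [ "$fp" = "$expected" ]; then
            match=$line
            break
        fi
    done
    if [ -z "$match" ]; then
        echo "no scanned key for $host matches $expected; nothing changed" >&2
        return 1
    fi
    # ssh-keygen -R also removes hashed entries, which a sed pattern cannot.
    ssh-keygen -R "$host" -f "$KNOWN_HOSTS" >/dev/null 2>&1 || true
    printf '%s\n' "$match" >> "$KNOWN_HOSTS"
}

# Typical call, with the fingerprint copied from the instance console log:
#   ssh-keyscan -T 5 -t ed25519 "$IPADDR" 2>/dev/null |
#       pin_if_match "$IPADDR" "SHA256:<fingerprint from console log>"
# After that, plain ssh with strict checking works against the new VM.
```
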

7 thoughts on “Resetting a Known Host for SSH”

  1. I am using xip.io for that. With the following configuration for SSH:

    Host *.xip.io
        StrictHostKeyChecking no
        UserKnownHostsFile /dev/null
        PasswordAuthentication no
        IdentitiesOnly yes
        LogLevel FATAL

  2. I use sshpass for these cases.
    sshpass -p PASSWORD ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null root@1.2.3.4

  3. Well, not exactly for these, but as part of. `-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null` are ssh args.

  4. So, I think a bunch of you are misunderstanding the use case. Yes, ssh-keygen -R is what I want for the first part; and is better than the sed line…I’ll use that.

    I want the key-based verification, and in general I want the strict checking, just not this particular time, as I just regenerated the VM. The OpenStack boot process will put the right keys in place. It is just the VM that has changed, but I am doing this in the middle of changing it, so I know the old host entry is bad.
