[vox-tech] How do I make SSH connect anyway if a host's IP has changed?

Mark K. Kim vox-tech@lists.lugod.org
Tue, 8 Jan 2002 22:12:38 -0800 (PST)


You should SSH to a specific host, such as king.ece.ucdavis.edu,
cobra.ece.ucdavis.edu, asp.ece.ucdavis.edu, etc.

Making the host ignore the key is a security risk and shouldn't be done.

ISUN has a different system where each host has the same key.  I guess
it's a hassle to set up all the hosts to have the same key.  I think ISUN
has a significantly less number of systems to manage.

-Mark

On Tue, 8 Jan 2002, Ken Bloom wrote:

> The Electrical and Computer Engineering department has set up a system where, by connecting to
> the address snake.ece.ucdavis.edu, the department hands off connections to the least busy HP
> computer in their lab.  I was trying, today to use ssh to connect to these HP computers by
> SSH. The first try, (and some random tries after that), SSH would connect OK. Most other
> times, however, the remote computer would fail the test because I was being handed off to a
> different HP system.
>
> I am currently trying to connect using a shell script I created named snake:
>
> #! /bin/bash
> cat > ~/.sshconfig << ENDOFCONFIG
> StrictHostKeyChecking no
> CheckHostIP no
> ENDOFCONFIG
> ssh -F ~/.sshconfig kabloom@snake.ece.ucdavis.edu
>
> (neither of these configuration options seem to be doing the trick, even after I deleted the
> offending key from ~/.ssh/known_hosts)
>
> Is there any way to make SSH ignore the tests that it uses to verify host authenticity when
> I connect to snake.ece.ucdavis.edu?
>
> _______________________________________________
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech
>

--
Mark K. Kim
http://www.cbreak.org/mark/
PGP key available upon request.