Openssh在ssh登陆的时候不自动加host key
在使用Net::Openssh这个模块的时候,对于没有登录过的服务器,就是没有加入到know_hosts文件中的IP。似乎不会自动处理host key。干脆将ssh设置成自动好了。
man 5 ssh_config
在手册中有如下解释:
StrictHostKeyChecking
If this flag is set to “yes”, ssh will never automatically add host keys to the
~/.ssh/known_hosts file, and refuses to connect to hosts whose host key has changed.
This provides maximum protection against trojan horse attacks, however, can be annoy-
ing when the /etc/ssh/ssh_known_hosts file is poorly maintained, or connections to
new hosts are frequently made. This option forces the user to manually add all new
hosts. If this flag is set to “no”, ssh will automatically add new host keys to the
user known hosts files. If this flag is set to “ask”, new host keys will be added to
the user known host files only after the user has confirmed that is what they really
want to do, and ssh will refuse to connect to hosts whose host key has changed. The
host keys of known hosts will be verified automatically in all cases. The argument
must be “yes”, “no” or “ask”. The default is “ask”.
默认是ask。
uddtm 2011-08-02
网站地图
