The SSH server has default enabled the strict host key checking. When the key checking is enabled, the SSH client connects only those hosts, that valid host keys are stored in the known host’s file. You can find the fine at ~/.ssh/known_hosts
.
Once you are connected to a remote host file time via SSH, the SSH clients check for the host key file under the known_hosts file. If the key is found, you will be connected to a remote server after authentication, but if key doesn’t found in the known_hosts file, the command will show a warning message and a prompt to accept or reject the connection request. Once you accepted the by typing “yes”, the key is added in the known_hosts file.
Here is an example to of command:
ssh ubuntu@remote-host
OutputThe authenticity of host 'remote-host (123.45.67.89)' can't be established. RSA key fingerprint is 9f:48:89:f5:68:2f:cd:b3:19:95:40:43:98:09:0a:1a. Are you sure you want to continue connecting (yes/no)?
But in some situations, like shell scripts, we need to disable the strict host check. Continue to read this article to understand the way to disable strict host check in the SSH clients on Linux systems.
Disable with SSH Command
You can define the StrictHostKeyChecking=no
command line argument to ssh command to skip the host key checking.
ssh -o StrictHostKeyChecking=no user@remote-host
Using Config File
You can also define the strings to disable host key checking in the configuration file. You need to create a ~/.ssh/config
file and disable strict host key checking by adding the content.
vi ~/.ssh/config
Host * StrictHostKeyChecking no
This will disable host checking for all hosts you connect to. Rather than disabling host check for all Host “*”, it would be safer to specify a particular host.
Host 192.168.1.10 StrictHostKeyChecking no
Also, set the proper permissions on the file to make it read-only for the user.
sudo chmod 400 ~/.ssh/config
That’s it. You have successfully disabled the strict host key checking in SSH.
Conclusion
In this tutorial, you have learned, how to disable strict host key check during ssh key connection to a remote host.