情况
两个系统。一个系统在执行 ssh 时自动将 IP 地址添加到已知主机列表中。
Warning: Permanently added '192.168.158.XXX' (ECDSA) to the list of known hosts.
一个没有
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
9c:79:39:54:44:20:bd:65:19:93:5b:00:bb:b7:9c:0c.
Please contact your system administrator.
Add correct host key in /home/jenkins/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/jenkins/.ssh/known_hosts:14
remove with: ssh-keygen -f "/home/jenkins/.ssh/known_hosts" -R 192.168.158.XXX
Password authentication is disabled to avoid man-in-the-middle attacks.
Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.
问题
如何设置第二个系统自动执行此操作?这是为了内部测试,我知道否则会很危险。
答案1
另一个也会自动添加,但实际上并没有,因为它已经有一个具有不同键的匹配条目。我通常会关闭检查使用StrictHostKeyChecking
(known_hosts
如果我太烦了,我会删除它,如果出于某种原因,它没有自动创建新的,您可能需要手动重新创建它known_hosts
):
ssh -o StrictHostKeyChecking=no host
您可能还需要设置CheckHostIP
(-o CheckHostIP=no
)。