[ale] SSH configuraiton
cfowler
cfowler at outpostsentinel.com
Mon Feb 10 13:28:03 EST 2003
No because it is an embedded device. I do not know the hosts up front.
Could be any.
On Mon, 2003-02-10 at 12:52, James P. Kinney III wrote:
> Is it possible to populate that ram disk with a valid known_hosts file?
> That would really be a better way to work this than to turn off
> authentication.
>
>
> On Mon, 2003-02-10 at 12:26, cfowler wrote:
> > But my impersistence is du to the fact that ~/.ssh/known_hosts sits in
> > ram and not on disk.
> >
> >
> > On Mon, 2003-02-10 at 12:19, James P. Kinney III wrote:
> > > The persistence is due to the remote host IP address changing. Classic
> > > case: remote host using dynamic DNS listing gets new IP address from
> > > ISP. Next ssh connection grips about authenticity as the host key is
> > > good but it is keyed to the IP address.
> > >
> > > On Mon, 2003-02-10 at 11:24, Jerry Z. Yu wrote:
> > > > if you really really don't care about host authenticity, you can
> > > > set 'StrictHostKeyChecking' to 'no', so ssh can automatically add new
> > > > host keys to the user known hosts files.
> > > > $HOME/.ssh/known_hosts should be persistent. Not sure why/what
> > > > you are referring to on its impersistence?
> > > >
> > > >
> > > > On Mon, 10 Feb 2003, Jason Day wrote:
> > > >
> > > > #On Mon, Feb 10, 2003 at 10:53:48AM -0500, cfowler wrote:
> > > > #> I want to configure ssh_config so that the users do not get the
> > > > #> following message. I do not care about authenticity of hosts. I jst
> > > > #> want encryption. The ~/.ssh/known_hosts file is not persistent across
> > > > #> reboots so this message could become a little bit of a pain
> > > > #
> > > > #I don't think it can be done without a code change, since that would
> > > > #defeat most of the point. You might be able to work around it, though.
> > > > #You say that ~/.ssh/known_hosts is not persistent, but could you make a
> > > > #persistent known_hosts file? If so, you could set the
> > > > #StrictHostKeyChecking options to "yes" and the UserKnownHostsFile option
> > > > #to a persistent known_hosts file, which you would have to maintain. If
> > > > #the server keys ever change, though, you will have to update the
> > > > #known_hosts file, or your users won't be able to connect.
> > > > #
> > > > #Jason
> > > > #--
> > > > #Jason Day jasonday at
> > > > #http://jasonday.home.att.net worldnet dot att dot net
> > > > #
> > > > #"Of course I'm paranoid, everyone is trying to kill me."
> > > > # -- Weyoun-6, Star Trek: Deep Space 9
> > > > #_______________________________________________
> > > > #Ale mailing list
> > > > #Ale at ale.org
> > > > #http://www.ale.org/mailman/listinfo/ale
> > > > #
> > > >
> > > > Jerry Z. Yu +1-404-487-8544 (O)
> > > > systems engineer z.yu at voicecom.com
> > > > is support, voicecom, llc www.voicecom.com
> > > >
> > > > _______________________________________________
> > > > Ale mailing list
> > > > Ale at ale.org
> > > > http://www.ale.org/mailman/listinfo/ale
> > > --
> > > James P. Kinney III \Changing the mobile computing world/
> > > CEO & Director of Engineering \ one Linux user /
> > > Local Net Solutions,LLC \ at a time. /
> > > 770-493-8244 \.___________________________./
> > > http://www.localnetsolutions.com
> > >
> > > GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) <jkinney at localnetsolutions.com>
> > > Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
> >
> >
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://www.ale.org/mailman/listinfo/ale
> --
> James P. Kinney III \Changing the mobile computing world/
> CEO & Director of Engineering \ one Linux user /
> Local Net Solutions,LLC \ at a time. /
> 770-493-8244 \.___________________________./
> http://www.localnetsolutions.com
>
> GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) <jkinney at localnetsolutions.com>
> Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list