disable strict host key checking

How to Disable Strict Host Key Checking in SSH

By default, SSH server performs strict host checking when you make a connection to it. In this case, the SSH client will check the host of SSH server to see if it is present in the SSH client’s known host file at ~/.ssh/known_hosts. If the key of SSH server is found in known_hosts file, then SSH client will connect to it. Else, it will display a warning saying it is an unknown host. It will prompt you to accept or reject the host. If you accept it by entering yes, then SSH client will connect to SSH server. But sometimes you may need to disable strict host key checking in SSH, especially if you are programmatically making SSH connections. In this article, we will learn how to disable host key checking in SSH.


How to Disable Strict Host Key Checking in SSH

Here is an example of warning message you see when you try to connect to an SSH host the first time.

$ ssh ubuntu@remote-host 
Output 

The authenticity of host 'remote-host (123.45.67.89)' can't be established.
RSA key fingerprint is 9f:48:89:f5:68:2f:cd:b3:19:95:40:43:98:09:0a:1a.
Are you sure you want to continue connecting (yes/no)?

There are two ways to disable strict host key checking – via command line, and via config file. We will look at both these methods.


Disable with SSH command

You can disable strict host checking with the following command. Basically, you need to include StrictHostKeyChecking=no option

$ ssh -o StrictHostKeyChecking=no user@remote-host 

This approach is useful if you want to disable the check once in a while, or if you want to disable checks for specific host, but not all hosts. If you want to disable it every time the connection is made, then you need to update the SSH config file.


Using Config File

In this case, once you disable the strict host key checking, your SSH client will never check it. Open SSH config file.

$ sudo vi ~/.ssh/config 

Add the following line to disable checks for all hosts.

Host *
    StrictHostKeyChecking no

Add the following line to disable checks to specific host 123.45.67.89

Host 123.45.67.89
    StrictHostKeyChecking no

Save and close the file. Change its permission so that it is read only.

$ sudo chmod 400 ~/.ssh/config 

Please note, in this case, your SSH client will never check host key for the specified hosts, as long as re-enable it.

In this tutorials, we have learnt how to disable strict host key check in SSH.

Also read:

How to Create Superuser in Django
How to Print Same Line in Python
How to Import from Another Folder in Python
How to Enable MPM Apache Prefork
How to Change Apache Prefork to Worker

Leave a Reply

Your email address will not be published. Required fields are marked *