Disabling strict key checking on ssh

Key checking on ssh validates that the remote system you’re attempting to connect to is the same server that you connected to the last time, to help prevent the possibility that someone has hijacked the DNS name, IP, or the hardware itself.

However, some times you may want to avoid this checking. For example, I have a Raspberry Pi that I boot from multiple SD cards, but each is setup with the same IP. If strict key checking is enabled then your ssh client will prevent you from connecting when it detects a signature change. You’ll see this error:

RSA host key for 192.168.x.x has changed and you have requested strict checking.

To avoid this, edit or add ~/.ssh/config, and add:

Host 192.168.x.x
    StrictHostKeyChecking no

where the IP can be the IP of the machine you’re connecting to, or you can use a * wildcard too (maybe not as secure).

If you’ve already connected and have a key in your known_hosts, then I think you need to delete this entry first, and then try with this config.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.