[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

SSH hostkey authentication and users' known_hosts files

We are successfully using SSH hostkey-based authentication for our
cluster. What I find really strange is that users still get to see
messages like:

  Warning: Permanently added the RSA host key for IP address
  '' to the list of known hosts.

On and for each host, /etc/ssh/known_hosts contains the RSA and DSA
keys, so there is really no point in adding them to the user's
database. Moreover, if the admin actually puts a new host in place,
users might get confused by the warning message.

Is this a bug or a feature?
How can I disable the use of ~/.ssh/known_hosts when the needed key
is present in /etc/ssh/ssh_known_hosts?

Please do not send copies of list mail to me; I read the list!
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer, admin, user, and author
`. `'`
  `-  Debian - when you have better things to do than fixing a system
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!

Attachment: signature.asc
Description: Digital signature

Reply to: