
Re: Subject: network-console installation and ssh keys



On 20150414_2134+0000, Liam O'Toole wrote:
> On 2015-04-14, David Wright <david@lionunicorn.co.uk> wrote:
> > I like the new Network Console option in the installer.
> > However, when I reinstall Debian onto a machine called, say, desk,
> > select the necessary options, type in the password for the
> > installer session, and then sit back with a machine called lap,
> > when I type   ssh installer@desk   I get the usual
> >
> > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> > @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
> > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> > IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> > Someone could be eavesdropping on you right now (man-in-the-middle
> > attack)!
> > It is also possible that a host key has just been changed.
> > The fingerprint for the RSA key sent by the remote host is
> >
> > because the installer has generated and is running with fresh keys.
> > (I frequently connect from lap to desk and vice versa and so
> > have authorised_keys as well as known_hosts there.)
> >
> > What do most people do here?

On this one, I think *most*people* are like me. I ignore the
warning. Unless I am doing the install in a coffee shop with 'free'
internet access that I have never used before. But at home, if I am
using an ISP that I have been using for several years, and that has a
good reputation in my part of the world, I know the warning does not
apply to me, in my particular situation.

HTH, YMMV, etc., etc.

> >
> > Cheers,
> > David.
> 
> Put the following in ~/.ssh/config:
> 
> Host desk
> 	UserKnownHostsFile /dev/null
> 	StrictHostKeyChecking no
> 
> See the man page of ssh_config for details.

I think this will silence the warning forever, or at least until you
think to delete those lines from your ~/.ssh/config. I do not want to
do that, because I am too cautious to commit, long term, to such a
departure from what Debian gurus consider to be best practice. ;-)

YMMV,
Cheers,
-- 
Paul E Condon           
pecondon@mesanetworks.net
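
An added example, not part of the original messages: rather than switching the check off, the key a host offers can be compared with a fingerprint obtained from a trusted source, assumed here to have been read from the machine's own console. The function names and the sample key are constructed for illustration; the input line is in `ssh-keyscan` output format.

```python
import base64
import hashlib
import struct

def ssh_string(data):
    """Length-prefixed field as used inside an SSH public key blob."""
    return struct.pack(">I", len(data)) + data

# Constructed sample in ssh-keyscan output format. The modulus is filler
# bytes, not a usable RSA key; only the encoding matters for fingerprinting.
SAMPLE_BLOB = (ssh_string(b"ssh-rsa") + ssh_string(b"\x01\x00\x01")
               + ssh_string(b"\x00" + bytes(range(128, 256)) * 2))
SAMPLE_LINE = "desk ssh-rsa " + base64.b64encode(SAMPLE_BLOB).decode("ascii")

def parse_pubkey(line):
    """Return (key_type, raw_blob) from a known_hosts or ssh-keyscan line."""
    fields = line.split()
    for i, field in enumerate(fields[:-1]):
        if field.startswith(("ssh-", "ecdsa-")):
            blob = base64.b64decode(fields[i + 1], validate=True)
            if len(blob) < 4:
                raise ValueError("key blob too short")
            (n,) = struct.unpack(">I", blob[:4])
            # The blob repeats the key type; reject lines where they disagree.
            if blob[4:4 + n] != field.encode("ascii"):
                raise ValueError("key type does not match key blob")
            return field, blob
    raise ValueError("no public key found in line")

def fingerprints(blob):
    """Both fingerprint forms ssh may print for a host key."""
    sha = base64.b64encode(hashlib.sha256(blob).digest()).decode("ascii")
    md5 = hashlib.md5(blob).hexdigest()
    return {"SHA256:" + sha.rstrip("="),
            "MD5:" + ":".join(md5[i:i + 2] for i in range(0, 32, 2))}

def host_key_matches(scanned_line, expected):
    """True if the offered key has the fingerprint read off the trusted display."""
    expected = expected.strip()
    if not expected.startswith(("SHA256:", "MD5:")):
        expected = "MD5:" + expected.lower()  # older ssh printed bare hex MD5
    _, blob = parse_pubkey(scanned_line)
    return expected in fingerprints(blob)

if __name__ == "__main__":
    for fp in sorted(fingerprints(parse_pubkey(SAMPLE_LINE)[1])):
        print(fp)
```

A match means the key can be accepted for this session; a mismatch is the case the warning quoted above exists for.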

