Re: issues with stretch, part 1 of many
Good day, Ionel,
Am Dienstag, 27. November 2018 schrieb Ionel Mugurel Ciobîcă:
> The first question I want to ask relates to ssh, ssh-ask and
> ssh-agent. When I ssh to another computer I am asked "Allow use of key
> id_rsa? Key fingerprint ..." If I uninstall all ssh-ask programs I
> simply can't use the ssh-agent anymore and I am prompted for password.
> I try ssh-ask, ssh-ask-fullscreen, ssh-ask-gnome and the similar from
> kde. I check the /etc/ssh/ssh_config and /etc/ssh/sshd_config for
> anything that may relate to this. The only think coming close are:
> UsePAM yes
> ChallengeResponseAuthentication no
> Is there something I overlook?
> To be clear, I do not want to be asked if I allow the use of a key, I
> just want this to be assumed yes, as it was the case in the past.
This is just a guess. Maybe you are looking for this option
# StrictHostKeyChecking ask
The default is to ask, see above, copied from the (unchanged) file on my
If this flag is set to yes, ssh(1) will never automatically add
host keys to the ~/.ssh/known_hosts file, and refuses to connect
to hosts whose host key has changed. This provides maximum
protection against trojan horse attacks, though it can be
annoying when the /etc/ssh/ssh_known_hosts file is poorly
maintained or when connections to new hosts are frequently made.
This option forces the user to manually add all new hosts. If
this flag is set to no, ssh will automatically add new host keys
to the user known hosts files. If this flag is set to ask (the
default), new host keys will be added to the user known host
files only after the user has confirmed that is what they really
want to do, and ssh will refuse to connect to hosts whose host
key has changed. The host keys of known hosts will be verified
automatically in all cases.
If you configure ssh to ask, then, after you confirmed for one particular
connection/key, this choice will be saved in ~/.ssh/known_hosts and you
will not be asked again (until the key on the same server is changed).
Speculating again: when you installed your system, the file
~/.ssh/known_hosts didn't contain the entries for the servers you usually
connect to. If that's the case, you can import/copy the ssh configuration
from your old system to avoid being asked.
Hope this helps,