Good day, Ionel, Am Dienstag, 27. November 2018 schrieb Ionel Mugurel Ciobîcă: > The first question I want to ask relates to ssh, ssh-ask and > ssh-agent. When I ssh to another computer I am asked "Allow use of key > id_rsa? Key fingerprint ..." If I uninstall all ssh-ask programs I > simply can't use the ssh-agent anymore and I am prompted for password. > I try ssh-ask, ssh-ask-fullscreen, ssh-ask-gnome and the similar from > kde. I check the /etc/ssh/ssh_config and /etc/ssh/sshd_config for > anything that may relate to this. The only think coming close are: > UsePAM yes > ChallengeResponseAuthentication no > > Is there something I overlook? > > To be clear, I do not want to be asked if I allow the use of a key, I > just want this to be assumed yes, as it was the case in the past.
This is just a guess. Maybe you are looking for this option in /etc/ssh/ssh_config: # StrictHostKeyChecking ask The default is to ask, see above, copied from the (unchanged) file on my system. man ssh_config(5): StrictHostKeyChecking If this flag is set to yes, ssh(1) will never automatically add host keys to the ~/.ssh/known_hosts file, and refuses to connect to hosts whose host key has changed. This provides maximum protection against trojan horse attacks, though it can be annoying when the /etc/ssh/ssh_known_hosts file is poorly maintained or when connections to new hosts are frequently made. This option forces the user to manually add all new hosts. If this flag is set to no, ssh will automatically add new host keys to the user known hosts files. If this flag is set to ask (the default), new host keys will be added to the user known host files only after the user has confirmed that is what they really want to do, and ssh will refuse to connect to hosts whose host key has changed. The host keys of known hosts will be verified automatically in all cases. If you configure ssh to ask, then, after you confirmed for one particular connection/key, this choice will be saved in ~/.ssh/known_hosts and you will not be asked again (until the key on the same server is changed). Speculating again: when you installed your system, the file ~/.ssh/known_hosts didn't contain the entries for the servers you usually connect to. If that's the case, you can import/copy the ssh configuration from your old system to avoid being asked. Hope this helps, regards, Stefan