begin quoting James G. Sack (jim) as of Sat, Aug 16, 2008 at 05:43:57PM -0700: > David Brown wrote: > > On Sat, Aug 16, 2008 at 04:38:34PM -0700, James G. Sack (jim) wrote: > > > >> Is there some way to totally ignore hostkey for certain hosts? > > > > Not easily, and it is fairly important from a security point of view > > that you don't do this. > > > > There is a simple solution, copy the same host key to all of the > > multi-boot images that the machine uses. Then, they will each get the > > same key. Just look for the /etc/ssh/ssh_host* files. [snip] > > Without knowing who you are talking to, the encryption of the > > connection is pointless. > > I actually know all that (and agree). My scenario is that I want to use > ssh as a better rsh, and transport tunnel for other apps -- in this case > entirely within my LAN. I would even be happy to turn off encryption. > > I also thought of synchronizing the machine hostnames (which seems like > the most appropriate answer), but was looking for a lazier solution. ;-) > I didn't think of the suggestion of multiple entries in known_hosts, but > I think I'll skip that, as it is even more work. ;-) > > I suppose the bottom line is I'm trying to use the tool for a different > purpose than intended. OK, fair 'nuff.
Is there really any reason for the machine to have the same IP for each "personality"? If you don't want to copy the same host key around, I would think the next step would be to make each OS on that machine have a different IP address, which has the side effect of letting you avoid "it's running the wrong OS" errors. -- I'm sure I copied that file to $foo. Maybe it was booted as $bar? Or $baz? Stewart Stremler -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
