On Fri, Oct 21, 2005 at 11:55:22AM -0400, Jay Fenlason wrote: > If you have the keys for both hosts in your ~/.ssh/known_hosts file, > ssh doesn't complain at all, even with host checking enabled.
It would complain if the "HostKeyAlias" config item wasn't used (and the known_hosts file already had a conflicting entry for "localhost") which was my point -- my statement was (at least intended as) a compliment to Matt on noticing the proper ssh config items to make the tunnel work and get the keys associated with the correct hostnames. > The fun part is getting both entries into the file in the first place. I haven't had a problem with that when using the StrictHostKeyChecking option to ssh. Setting it to "ask" makes ssh ask me if it should add a new key, and it then takes care of maintaining the entries in the known_hosts file. You can either set this option in your ~/.ssh/config file (and make sure you don't train your fingers to automatically answer "yes" to an unexpected unknown-hostkey prompt), or you can specify the option only when needed on the command-line for ssh (use "no" or "ask"): ssh -o StrictHostKeyChecking=no host ..wayne.. -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html