I wrote some scripts and wish to add a remote host to my known_hosts file without any interaction. I can run a command like ssh -o "StrictHostKeyChecking no" [email protected] which will add the remote host key to my known hosts, but it will be followed by a ssh password prompt. Any way to do this without the password prompt?
2 Answers
As mentioned in another answer, ssh-keyscan is ideal, but if for some reason you can't do that: You can disable password authentication by either setting the option
PasswordAuthentication no in a configuration file (e.g. .ssh/config), or passing the option -o PasswordAuthentication on the command line, and thus prevent ssh from asking you for a password. Needless to say, the server sees this as a failed login attempt, unless you have another authentication method configured that does let you log in.
As you've already noted, changing the value of the StrictHostKeyChecking option from ask, the default, to no (or yes if you want better security) is necessary to avoid the prompt about whether you want to add the host key to .ssh/known_hosts.
Use ssh-keyscan 10.x.x.x >> /path/to/known_hosts/file (use -H for better security, depends on the context).
answered Oct 21, 2014 at 17:22
-o PasswordAuthentication=nothat might work? If it does, I can post this as an answer.ssh -o "StrictHostKeyChecking no" -o PasswordAuthentication=no 10.x.x.x. Post as an answer and I'll acceptssh-keyscanis a better method (and the one I would have recommended had I known about it).