how to suppress message when ssh to host "Are you sure you want to continue connecting (yes/no)? yes"???????

how can I suppress this message when ssh into a linux server , i cant seem to find this like no check or something ,


ECDSA key fingerprint is MD5:de:66:6wea:32:dw2:65:d7wwwwwww:1c:a4:05:e0.
Are you sure you want to continue connecting (yes/no)? yes
LVL 1
NAMEWITHELD12Asked:
Who is Participating?
 
Murugesan NagarajanConnect With a Mentor Subject-matter expert at C++ C delivery, implementation, at UNIX oriented operating systems (Windows: CYGWIN_NT MINGW32_NT MINGW64_NT)Commented:
@NAMEWITHELD12
Here goes the reason behind /usr/bin/ssh and ~/.ssh/known_hosts file:
>> Are you sure you want to continue connecting (yes/no)? yes
$ /bin/rm -i ~/.ssh/known_hosts
/bin/rm: remove regular file '/home/murugesandins/.ssh/known_hosts'? y

Open in new window

After removing this file using /usr/bin/ssh localhost
$ /bin/ls -l ~/.ssh/known_hosts
/bin/ls: cannot access '/home/murugesandins/.ssh/known_hosts': No such file or directory
$ /usr/bin/ssh localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:ODeaQmZm2pvpJkXMDDuiQEhFIXPeEy/ejs1jnsaVmG4.
Are you sure you want to continue connecting (yes/no)? yes
$ /usr/bin/ssh -q localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:ODeaQmZm2pvpJkXMDDuiQEhFIXPeEy/ejs1jnsaVmG4.
Are you sure you want to continue connecting (yes/no)? yes
murugesandins@localhost's password:
No mail.
Last login: Fri Mar 16 18:18:02 2018 from 127.0.0.1
$ exit
$ /bin/ls -l ~/.ssh/known_hosts
-rw-r--r-- 1 murugesandins murugesandins 222 Mar 16 18:18 /home/murugesandins/.ssh/known_hosts

Open in new window

Hence when current system connecting to other system, /usr/bin/ssh is adding known host to ~/.ssh/known_hosts
If you reconnect again, /usr/bin/ssh used to verify if that host is trusted host or not
by reading ~/.ssh/known_hosts
if trusted, it won't ask again:
$ /usr/bin/ssh -q localhost
murugesandins@localhost's password:
No mail.
Last login: Fri Mar 16 18:18:13 2018 from 127.0.0.1
$ exit

Open in new window

If you are using /usr/bin/ssh ip address instead of /usr/bin/ssh hostname
{
          ip address used to change because of using dhcp.
          In that case, ~/.ssh/known_hosts file needs to be updated each time when ip address are changed.
}
Hence handled those exceptions.
This is good for security and informing the clients, about (ssh/sshd/ssl/...) secure policies :)
~/.ssh/known_hosts file used to have related type of public key from ( /usr/bin/ssh or  /usr/bin/sftp or ... secure related protocols )
0
 
Scott SilvaConnect With a Mentor Network AdministratorCommented:
Set StrictHostKeyChecking no in your /etc/ssh/ssh_config file, where it will be a global option used by every user on the server. Or set it in your ~/.ssh/config file, where it will be the default for only the current user. Or you can use it on the command line:

ssh -o StrictHostKeyChecking=no -l $user $host
0
 
nociConnect With a Mentor Software EngineerCommented:
Otoh, the question has a reason, you could f.e. connect to to the wrong computer giving out your credentials..
This question allows you to check if you got to the right place. And if you say Yes, the ID of the system wil be remembered in to future.

So per host this question is only asked once .... unless the stored credentials are removed.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
serialbandConnect With a Mentor Commented:
When I used to manage multiple online unix/linux systems, I published the hostids for users to manually load into ~/.ssh/known_hosts and avoid being asked.  Unfortunately, I doubt that most users even understood.  Loading it into the known_hosts file will prevent the popup.

It's not recommended to suppress the message.  You use it to identify and verify that the system you're connecting to is the correct one.
1
 
NAMEWITHELD12Connect With a Mentor Author Commented:
this is for ansible to connect to each host , I think the more secure and professional way to do this is to add the hosts to the known hosts file
1
 
serialbandConnect With a Mentor Commented:
Usually, you only have to be asked once.  The host ID will be loaded into your system.  If you meant that you will do it from multiple systems, then you could manually connect to all the systems from the one you're using, then copy the known_hosts file to the other systems.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.