{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Rolldiameter 的问题《ssh: The authenticity of host 'hostname' c》','https://www.manongdao.com/q-178044.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
When i ssh to a machine, sometime i get this error warning and it prompts to say "yes" or "no". This cause some trouble when running from scripts that automatically ssh to other machines.
Warning Message:
The authenticity of host '<host>' can't be established.
ECDSA key fingerprint is SHA256:TER0dEslggzS/BROmiE/s70WqcYy6bk52fs+MLTIptM.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'pc' (ECDSA) to the list of known hosts.
Is there a way to automatically say "yes" or ignore this?
With reference to Cori's answer, I modified it and used below command, which is working. Without
exit, remaining command was actually logging to remote machine, which I didn't want in scriptMake sure
~/.ssh/known_hostsis writable. That fixed it for me.I solve the issue which gives below written error:
Error:
The authenticity of host 'XXX.XXX.XXX' can't be established.
RSA key fingerprint is 09:6c:ef:cd:55:c4:4f:ss:5a:88:46:0a:a9:27:83:89.
Solution:
1. install any openSSH tool.
2. run command ssh
3. it will ask for do u add this host like. accept YES.
4. This host will add in the known host list.
5. Now you are able to connect with this host.
This solution is working now......
Generally this problem occurs when you are modifying the keys very oftenly. Based on the server it might take some time to update the new key that you have generated and pasted in the server. So after generating the key and pasting in the server, wait for 3 to 4 hours and then try. The problem should be solved. It happened with me.
Do this -> chmod +w ~/.ssh/known_hosts This adds write permission to the file at ~/.ssh/known_hosts. After that the remote host will be added to the known_hosts file when you connect to it the next time.
Ideally, you should create a self-managed certificate authority. Start with generating a key pair:
ssh-keygen -f cert_signerThen sign each server's public host key:
ssh-keygen -s cert_signer -I cert_signer -h -n www.example.com -V +52w /etc/ssh/ssh_host_rsa_key.pubThis generates a signed public host key:
/etc/ssh/ssh_host_rsa_key-cert.pubIn
/etc/ssh/sshd_config, point theHostCertificateto this file:HostCertificate /etc/ssh/ssh_host_rsa_key-cert.pubRestart the sshd service:
service sshd restartThen on the SSH client, add the following to
~/.ssh/known_hosts:@cert-authority *.example.com ssh-rsa AAAAB3Nz...cYwy+1Y2u/The above contains:
@cert-authority*.example.comcert_signer.pubThe
cert_signerpublic key will trust any server whose public host key is signed by thecert_signerprivate key.Although this requires a one-time configuration on the client side, you can trust multiple servers, including those that haven't been provisioned yet (as long as you sign each server, that is).
For more details, see this wiki page.