When you connect using ssh for the first time to a machine, you will be asked with such a prompt :
The authenticity of host 'localhost (::1)' can't be established.
RSA key fingerprint is 73:8c:9a:44:c1:5a:e1:9d:20:f1:12:2a:42:da:0f:6f.
Are you sure you want to continue connecting (yes/no)?
This is a security feature of SSH protocol to make sure the identity of the machine is verified before you actually connect to it. Subsequent connections to the host will not ask for this confirmation as long as the identity matches.
But it is also a inconvenience to type “yes” , specially when you are working with new nodes ( clones in a cloud platform , for example ) . There are a few things you can do to bypass this. This is specially useful when you are working with scripts.
Disable it for only one time
When you want to disable the prompt only temporarily for just one command, use the command line option as below.
ssh -o StrictHostKeyChecking=no target.host.ip
Make it permanent
If you would like to make this change permanent, you should also consider getting rid of the known_hosts file , which will otherwise keep complaining about mismatches if they already have entries there. Add these entries in the `~/.ssh/config` file.
Host * StrictHostKeyChecking no UserKnownHostsFile /dev/null
Notes
These will save you from the trouble of type “yes” and also changes in host keys breaking your scripts. But remember, this makes you vulnerable to attacks. So, use it in internal, safe environments.
Defining an alias for such a command would be handy. So you can use it when needed. For bash, you add this line to `~/.bashrc`
alias ssho ssh -o '"-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"'
After that, you can use the `ssho` command to connect to such hosts or inside your scripts.
Enjoy ! 🙂