On Mon, 17 May 2010 10:38:55 -0400 Bill Davidsen <davidsen@xxxxxxx> wrote: > Christoph Höger wrote: > > Hi, > > > > I need to ssh to some remote VM that sit in a private LAN. For any other > > service (e.g. RDP) I'd use ssh tunneling just normal. > > But what do I do for ssh traffic? Since ssh is not host agnostic, it > > will always complain about localhost having a different RSA key. > > I just do not want to edit the known_hosts every time I need to connecto > > to a new machine! > > > I just remembered having a similar problem and how I solved it. I added a fixed > IP for the machine at the end of the tunnel in /etc/hosts, and the fixed IP was > 127.0.0.X, which seemed to allow a unique entry in known_hosts on the > originating machine. Since all of 127/8 is used for loopback, I decided to use > another address for the made up machine name. > > You still have to edit /etc/hosts for each new machine, but once and only once > per machine. > Alternative: ~/.ssh/config CheckHostIP If this flag is set to ``yes'', ssh(1) will additionally check the host IP address in the known_hosts file. This allows ssh to detect if a host key changed due to DNS spoofing. If the option is set to ``no'', the check will not be executed. The default is ``yes''. BR, Bob -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
