2

Hello, world!,

I have a VPS set up with multiple domain names pointing to it. Arbitrarily, I like to access it via SSH through the domain name I'm dealing with. So for example, if I'm doing something with example1.com, I'll log in with ssh root@example1.com, and if I'm working with example2.com, I'll log in with ssh root@example2.com. They both point to the same user on the same machine. However, because SSH keeps track of the server's fingerprint, it tells me that there is an offending host key, and makes me confirm access.

$ ssh root@example2.com
Warning: the ECDSA host key for 'example2.com' differs from the key for
the IP address '123.123.123.123'
Offending key for IP in /home/me/.ssh/known_hosts:33 
Matching host key in /home/me/.ssh/known_hosts:38
Are you sure you want to continue
connecting (yes/no)?

Is there a way to ignore this warning? Thanks!

Jonah
  • 169
  • 2
  • 9

1 Answers1

3

Add this to your .ssh/config file:

Host 123.123.123.123
   StrictHostKeyChecking no
   UserKnownHostsFile=/dev/null

This will disable the host key checking and the warnings, but only for that IP. It will also save the host key for that machine in /dev/null thus avoiding future mismatches.

Host example*.com
  StrictHostKeyChecking no
  UserKnownHostsFile=/dev/null

EDIT: My first answer wasn't exactly correct for your this case. These settings will take effect the next time you ssh into a matching hostname. The asterisk acts as a wildcard, so it will match example1.com, example2.com and so on.

r.t.
  • 161
  • 3
  • Do I need to logout/login for it to take affect? Or delete those lines from the `known_hosts` file? – Jonah Aug 30 '12 at 19:19
  • You'll have to add one entry (Host + StrictHostKeyChecking + UserKnownHostsFile) for every domain. If you're only going to connect to the VPS or if you don't care too much about security, you could have a .ssh/config file with just two lines and nothing else: `StrictHostKeyChecking no` and `UserKnownHostsFile=/dev/null`. – r.t. Aug 30 '12 at 21:18