4

I wrote some scripts and wish to add a remote host to my known_hosts file without any interaction. I can run a command like ssh -o "StrictHostKeyChecking no" root@10.x.x.x which will add the remote host key to my known hosts, but it will be followed by a ssh password prompt. Any way to do this without the password prompt?

Xavier Lucas
  • 12,815
  • 2
  • 44
  • 50
VenomFangs
  • 529
  • 2
  • 6
  • 10
  • 3
    Use ssh keys for authorization instead of plain passwords. – Glueon Oct 21 '14 at 16:41
  • 1
    I don't have a setup to test this at the moment, but if you pass `-o PasswordAuthentication=no` that might work? If it does, I can post this as an answer. – David Z Oct 21 '14 at 17:02
  • @DavidZ, had to use both params and when I did it worked. So `ssh -o "StrictHostKeyChecking no" -o PasswordAuthentication=no 10.x.x.x`. Post as an answer and I'll accept – VenomFangs Oct 21 '14 at 17:11
  • @Glueon, I agree with your statement, but think you misunderstood my question. – VenomFangs Oct 21 '14 at 17:18
  • 1
    @VenomFangs I'll still post it, but Xavier's answer of `ssh-keyscan` is a better method (and the one I would have recommended had I known about it). – David Z Oct 21 '14 at 17:30

2 Answers2

8

Use ssh-keyscan 10.x.x.x >> /path/to/known_hosts/file (use -H for better security, depends on the context).

Xavier Lucas
  • 12,815
  • 2
  • 44
  • 50
1

As mentioned in another answer, ssh-keyscan is ideal, but if for some reason you can't do that: You can disable password authentication by either setting the option

PasswordAuthentication no

in a configuration file (e.g. .ssh/config), or passing the option -o PasswordAuthentication on the command line, and thus prevent ssh from asking you for a password. Needless to say, the server sees this as a failed login attempt, unless you have another authentication method configured that does let you log in.

As you've already noted, changing the value of the StrictHostKeyChecking option from ask, the default, to no (or yes if you want better security) is necessary to avoid the prompt about whether you want to add the host key to .ssh/known_hosts.

David Z
  • 5,376
  • 2
  • 24
  • 22