Disable "Permanently added <host> ..." warning on local LAN

26

3

I have the following in my ssh_config to connect to machines on my local LAN and machines in a VM:

Host 172.16.*.*
StrictHostKeyChecking no
UserKnownHostsFile /dev/null

However, each time I connect it produces a warning:

$ ssh jdoe@172.16.4.11
Warning: Permanently added '172.16.4.11' (ECDSA) to the list of known hosts.
Enter passphrase for key '/Users/jdoe/.ssh/id_ed25519':

I'm using OpenSSH 7.1. How do I disable the warning on each connection for the local LAN?

jww

Posted 2015-11-25T00:06:08.697

Reputation: 1

Answers

33

Append the following to your SSH config file:

LogLevel ERROR

Or append -o LogLevel=ERROR to the ssh command itself.

TakingItCasual

Posted 2015-11-25T00:06:08.697

Reputation: 431

The SSH config file on Debian is /etc/ssh/ssh_config (not /etc/ssh/sshd_config !) – rubo77 – 2019-12-21T07:57:49.943

16

You should be able to do this by changing your ssh configuration from the default log-level of "info" to "error" (the next level up).

Refer to the ssh_config manual page:

LogLevel
Gives the verbosity level that is used when logging messages from ssh(1). The possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of verbose output.

The source code for ssh tells the story:

    /*
     * Initialize "log" output.  Since we are the client all output
     * actually goes to stderr.
     */
    log_init(av[0], options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level,
        SYSLOG_FACILITY_USER, 1);

along with the definition of log_init:

void
log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)
{

i.e., all of the "log" messages go to the standard error, and you can only adjust how many you get. The one you do not want happens to be at the INFO level.

Thomas Dickey

Posted 2015-11-25T00:06:08.697

Reputation: 6 891

7

In short, run ssh with the -q flag to disable warnings/diagnostics (but not errors).

JJC

Posted 2015-11-25T00:06:08.697

Reputation: 181

7-q will do more than you probably bargained for. It suppresses very useful error messages. Example: ssh -q not-existing-host will not print a single error message. This command just fails silently. In contrast, ssh -o LogLevel=error not-existing-host will print an explanation: ssh: Could not resolve hostname not-existing-host: Name or service not known – hagello – 2017-07-12T14:54:41.450

Asked: 2015-11-25T00:06:08.697

Viewed: 22 153 times

Active: 2018-10-13T20:54:04.127