I want non-interactive first ssh access

Question

I would like to access my new virtual server in the cloud with ssh from an install script so that it does not ask for user interaction. When I use plain

ssh -i keys.pem user@host.com

it does tell me that this is a new host, do I trust it? As I freshly create this, I want to trust it without further ado.

Then I did use

-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no

but this does not establish the connection so that later requests go automatically. It does not create the entry in known_hosts.

How can I make ssh to connect non-interactively first and then all the time?

Gergely

score 3 · Accepted Answer · answered Jun 09 '11 at 09:44

3

Have you tried just using the following?

$ ssh -o StrictHostKeyChecking=no -i keys.pem user@host.com

I don't see the point of having -o UserKnownHostsFile=/dev/null as well; this just seems to prevent the addition of the key to your known hosts file.

answered Jun 09 '11 at 09:44

Tom Shaw

3,752
16
23

3

Also, `BatchMode=yes` would be a good addition. – Janne Pikkarainen Jun 09 '11 at 09:54
'BatchMode=yes' will fail if host is not known – Petr Gladkikh Sep 01 '16 at 18:20

score 3 · Answer 2 · answered Sep 02 '16 at 09:17

It is also possible to add host's keys to the "known hosts" once in advance so ssh is not surprised. E.g.

ssh-keyscan example.com >>~/.ssh/known_hosts

This is still sloppy since you unconditionally trust keys on the first time. But this provides slightly better security since you have these keys for inspection and get warning when they change on subsequent connect attempts which might be sign of interference.

I want non-interactive first ssh access

2 Answers2