1

When I run

ssh-keyscan -p NNN -t rsa GITHOST

it produces sting like

GITHOST ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCZwBe6yneM2q2KEuQ3UV194hUcEcQ7b0xoYdKXKU6RrsxP2wup3uwC4q2SbPlW6XkjVtOIXY4c5aBaieMjNhIBFxGa2yUnTwZPFZiGMh/fwoZ2IsLsIE7XCj2q4eO1jmxvgWf7VAE7DVkGg5VTcRRoVOP5V15z9/saP5u4Tcwu1w==

And I add it to ~/.ssh/known_hosts file.

But the git still asks me about key verification. Could be it b/c there is no port information stored in the known_hosts file ?

How can I create proper known_hosts in a script?

kmmbvnr
  • 111
  • 1
  • 3
  • 1
    When you say you added it to known_hosts, what exactly did you add? How does the known_hosts file look? – Tim S. Sep 16 '15 at 15:46
  • 1
    what system are you using? Do you have `HashKnownHosts=yes`? If so, you will need to hash your hosts fin that file using `ssh-keygen -H` after that. – Jakuje Sep 16 '15 at 18:18

1 Answers1

1

This is usually not needed since current ssh-keyscan versions will add the port for you. Older versions did not do that. You could post-process the line with sed like this:

ssh-keyscan -p NNN -t rsa GITHOST | sed -E 's/^([^ \[]+) (.*)$/[\1]:NNN \2/'

The output of ssh-keyscan is piped into sed that will use a substitute regexp to transform the output of ssh-keyscan to include the port.

This will result in:

[GITHOST]:NNN ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCZw....

Update: I refined the regexp above to play nice with ssh-keyscan output in already correct format.

itsafire
  • 468
  • 3
  • 15