On Mon, Aug 25, 2003 at 05:54:54PM +0200, Neo wrote: > [EMAIL PROTECTED]:/home/user/.ssh >grep -v '^#' < config > Host * > BatchMode yes > [EMAIL PROTECTED]:/home/user/.ssh >ls -al known_hosts > ls: known_hosts: No such file or directory > [EMAIL PROTECTED]:/home/user/.ssh >ssh remote > Host key verification failed. <-------- ? > [EMAIL PROTECTED]:/home/user/.ssh >vi config > [EMAIL PROTECTED]:/home/user/.ssh >grep -v '^#' < config > Host * > BatchMode no > [EMAIL PROTECTED]:/home/user/.ssh >ssh remote > The authenticity of host 'remote (192.168.1.1)' can't be established. > RSA key fingerprint is fb:e4:98:70:40:1c:7f:86:b8:88:d5:a0:27:5d:70:eb. > Are you sure you want to continue connecting (yes/no)? yes > Warning: Permanently added 'remote,192.168.1.1' (RSA) to the list of > known hosts. > Linux remote 2.4.18.686v5 #1 Sat Jul 12 23:26:32 CEST 2003 i686 unknown > Last login: Mon Aug 25 16:49:21 2003 from local > [EMAIL PROTECTED]:/home/user >
That's deliberate, and is not a bug. If ssh is going to be required to show you the host key prompt (which you're supposed to read and answer properly, since a man-in-the-middle attack is always possible when that prompt has been printed), but can't due to being in batch mode, it fails safe and refuses. Workaround: ssh to the host in question once and answer the question in order to get its fingerprint into ~/.ssh/known_hosts, or pre-populate known_hosts if you know how. Cheers, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
