Bug 1209

Summary: StrictHostKeyChecking really needs a 4th option
Product: Portable OpenSSH Reporter: Tom Horsley <horsley1953>
Component: sshAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED WONTFIX    
Severity: enhancement CC: djm
Priority: P2    
Version: 4.3p2   
Hardware: All   
OS: All   

Description Tom Horsley 2006-07-13 03:22:36 AEST 
I'd love to have something like an "update-anyway" option for
StrictHostKeyChecking that is like "ask", but if the key has changed
gives you the option of going ahead and replacing the old host key
with the new one.

Folks are constantly re-genning test systems around here and never
bother to save and restore the keys in /etc/ssh, so I'm constantly
forced to manually edit my known_hosts file. It would simplify things
if I could just tell ssh to go ahead and edit it for me.
Comment 1 Damien Miller 2008-06-12 17:03:20 AEST 
You can achieve this effect with UserKnownHostFile=/dev/zero

We do not want to facilitate unsafe behaviour by providing an explicit option.

Sorry.
Comment 2 Damien Miller 2008-07-22 12:08:50 AEST 
Mass update RESOLVED->CLOSED after release of openssh-5.1