[BBLISA] Mac users ssh client and changing host keys
Jurvis LaSalle
jurvis at gmail.com
Fri Jan 24 12:14:47 EST 2014
In specific instances, I've replaced the built-in ssh with
http://www.psc.edu/index.php/hpn-ssh to increase sftp/scp throughput
between hosts with big pipes.
I recently had to work through a cron'd rsync+ssh to a round-robin DNS
record and added this stanza to ~/.ssh/config:
Host roundrobin.example.com
IdentityFile ~/.ssh/id_rsa.roundrobinrsync
StrictHostKeyChecking no
CheckHostIP no
UserKnownHostsFile=/dev/null
I would not recommend overriding these settings for a wide swath of hosts,
ie don't put an asterisk in Host definition.
On Fri, Jan 24, 2014 at 11:32 AM, Edward Ned Harvey (bblisa4) <
bblisa4 at nedharvey.com> wrote:
> > From: bblisa [mailto:bblisa-bounces at bblisa.org] On Behalf Of Alex
> Aminoff
> >
> > What is the typical way a Mac user uses ssh? Do they use the
> > command-line ssh client that comes with the OS, or do they download some
> > app analogous to putty on windows?
>
> I don't know a single person who uses an ssh client other than the
> built-in ssh.
>
>
> > We plan to renumber all our IP space, which will cause saved ssh host
> > keys to become invalid.
>
> Now is the time to start using DNS. In fact, a long, long time ago was
> the time to start. If you were using DNS, you wouldn't have this problem.
> You can renumber to your heart's content, and ssh known_hosts will record "
> foobar.somedomain.org" as the host corresponding to that particular ssh
> server public key. Renumber away, no problem.
>
> If you're in the unfortunate situation of NOT using DNS, and for some
> reason the problem you care about is the IP address in the known_hosts
> file... Then just use sed on your known_hosts file to replace the old IP
> with the new IP.
>
> _______________________________________________
> bblisa mailing list
> bblisa at bblisa.org
> http://www.bblisa.org/mailman/listinfo/bblisa
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.bblisa.org/pipermail/bblisa/attachments/20140124/bbaabd7a/attachment.html>
More information about the bblisa
mailing list