ssh加速，自动添加到know_hosts

这样的问题，如下，很是麻烦，找到了解决办法。

 

[root@xytr1 ~]# ssh 192.168.5.56

The authenticity of host '192.168.5.56 (192.168.5.56)' can't be established.

RSA key fingerprint is a1:7f:35:ec:1a:5e:33:df:e8:82:56:cf:b6:99:b6:b9.

Are you sure you want to continue connecting (yes/no)? yes ß 这里一定要确认才能通过

Warning: Permanently added '192.168.5.56' (RSA) to the list of known hosts.

Last login: Tue Jul 13 16:29:52 2010 from linux1

 

解决方案是，把 本地 的ssh客户端配置文件 ssh_config 做修改

[root@xytr1 ~]# vi /etc/ssh/ssh_config

找到：

#   StrictHostKeyChecking ask

修改为

    StrictHostKeyChecking no

 

这样下次就不会出现需要确认的提示了。

 

这个选项会自动的把 ssh 的机器添加到 /root/.ssh/know_hosts 中（也就是不需要你手工的输入yes）

如果远程机器遭到了修改，也会有错误提示，不过不会影响ssh登陆，如下

 

[root@xytr1 ~]# ssh 192.168.5.56   ß 这里我再次ssh到这台机器

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!

Someone could be eavesdropping on you right now (man-in-the-middle attack)!

It is also possible that the RSA host key has just been changed.

The fingerprint for the RSA key sent by the remote host is

a1:7f:35:ec:1a:5e:33:df:e8:82:56:cf:b6:99:b6:b9.

Please contact your system administrator.

Add correct host key in /root/.ssh/known_hosts to get rid of this message.

Offending key in /root/.ssh/known_hosts:137

Password authentication is disabled to avoid man-in-the-middle attacks.

Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.

Last login: Tue Jul 13 16:45:31 2010 from linux1

[root@searchweb16 ~]#   ß 如上所示，出现了提示，但是我们还是可以正常的ssh到远程。

 

同时如果修改 ssh_config 中的 GSSAPIAuthentication 参数为 no 或者直接注销该参数，可以解决有时候ssh狂慢的问题。Authentication 参数是用于 Kerberos 验证的，而我们不可能使用这种验证机制