Re: [TCLUG:3740] ssh and new site yes/no question

[Peter Lukas <peter@math.umn.edu>]

This is generally part of what makes ssh more safe than other remote
terminal connection programs.  In any event, you can try adding in the
"-q" flag for quiet operation.  The best thing to do on a reinstallable
machine network, is to keep distributable keys in a secure location so
that the identity of the machines doesn't change every time the machine is
rebuilt.  These keys will then be redistributed to the new machine after
it's rebuilt and no ssh user will be the wiser.  Also, maintain a decent 
known_hosts file.  For scripting in verbose situations, you can make usage
of a "here" statement like this:

ssh ${REMOTEHOST} <<FUNKY_STUFF
yes
FUNKY_STUFF

Where "y" is the answer to the "do you accept the new key" question. This
basically tells the bash script to do everything from <<FUNKY_STUFF to
FUNKY_STUFF.  It's more commonly used in tandem with cat, but can
sometimes come in handy for scripting.  Hopefully, part of the script
isn't transmitting passowrd information and you're making use of identity
and identity.pub for secure "password-less" ssh connections.  I hope this
helps.

Peter Lukas

On Mon, 25 Jan 1999, Ben Luey wrote:

> I'm using ssh to automatically login to a computer with a dynamic ip
> (dialin ppp) - is there a way to have it not ask me yes/no when connecting
> to an ip address for the first time. Asking yes/no kills my expect script
> but it won't always ask so I can't just add it to my script. I tried "ssh
> -q" but that didn't do it.
> 
> Thanks,
> 
> Ben
> 
> Ben Luey
> lueyb@carleton.edu
> ICQ: 19144397
> 
> Two wrongs don't make a right, but three left turns sure do. -- Jim Hightower
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@listserv.real-time.com
> For additional commands, e-mail: tclug-list-help@listserv.real-time.com
> Try our website: http://tclug.real-time.com
> 
>