Owner's Manual
Security 93
~:ssh -o StrictHostKeyChecking=ask -l admin 192.168.1.118
The authenticity of host '192.168.1.118 (192.168.1.118)' can't be
established.
RSA key fingerprint is 90:b7:2a:e0:64:30:6a:74:9c:e8:7b:75:61:48:52:7b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.118' (RSA) to the list of known
hosts.
admin@192.168.1.118's password:
Last login: Thu Sep 10 14:23:08 2009 from 10.35.35.2
--- JUNOS 9.5R1.8 built 2009-04-13 19:25:06 UTC
admin@M5-118>
After this you should see an entry in
~/.ssh/known_hosts
that looks similar to the following
192.168.1.118 ssh-rsa AAAAB3NzaC1yc2EAAAAB
IwAAAIEAlpZUs99PM1fI
2DWtpV/pc2YVK8CvRVQg
DOnvBcS7HFc5IECr+bF1
o6PfEijQ8TILILbJRFtD
bJeZOK0+0cJs8lRNNT3R
j9b79AMCVH0syGiPm7+d
OkqiVVa8FtSkz8VxgpiL
MI959xVr1WKLXsvAtj6b
DbCdN0golL9/h8H8+uk=
The problem with this approach is that you must restart the server after the
known_hosts
file has
been populated for the changes to take effect.
To populate the
known_hosts
file without having to restart the server, follow these steps:
1
Add an entry in the
ssh_config
file setting
StrictHostKeyChecking
to
no
for the
devices you want to add to the known_hosts file.
2
Connect to each of the devices in OpenManage Network Manager using SSHv2 credentials.
This adds an entry to the
known_hosts
file.
3
Remove the entry added to the
ssh_config
file or change the setting
StrictHostKeyChecking
to
yes
.