.. title: SSH Cookbook: Temporarily Disable Security Message on Connection to a Remote Server .. slug: ssh-cookbook-temporarily-disable-security-message-on-connection-to-a-remote-server .. date: 2014-07-24 18:46:17 .. tags: ssh .. category: .. link: .. description: .. type: text First off, DO NOT do this all the time. ONLY do this when you have evaluated the risks and decided to risk a security breach anyways. I usually do this in my testing environment where I get to work with a lot of new or changing VMs. When you connect for the first time to a server you are prompted to verify its fingerprint. It is then added to your *~/.ssh/known_hosts* file so when you connect the next time and the fingerprint matches you are not prompted again. For example: :: The authenticity of host '192.168.1.22 (192.168.1.22)' can't be established. RSA key fingerprint is 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00. Are you sure you want to continue connecting (yes/no)? .. TEASER_END: Read more This can be annoying when you connect to a lot of "new" SSH servers. It also doesn't work in test environments where scripts need to continously connect to machines they have not connected to before and may not ever connect again. This can be even more annoying when the same IP is recycled between various test machines and your client machine does not connect because a known host's fingerprint changed. You can *temporarily* disable fingerprint matching at the time you are connecting:: ssh myuser@192.168.1.22 -o CheckHostIP=no -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null You can also put this config in your *~/.ssh/config* file so that you don't need to provide these extra flags all the time: :: Host myhost HostName 192.168.1.22 Port 22 User myuser AddressFamily inet CheckHostIP no StrictHostKeyChecking no UserKnownHostsFile /dev/null Now when you connect to the server you will see a message similar to this one: :: Warning: Permanently added '192.168.1.22' (RSA) to the list of known hosts. It hasn't actually added it to the known hosts file and that's the beauty of it. One last thing: DO NOT do this when connecting to machines you absolutely must trust. It's alright to use this technique when connecting within a test lab environment, for example. Note: I published this post originally at `SSH Cookbook: Temporarily Disable Security Message on Connection to a Remote Server `_. Migrated to Nikola in February 2015.