2

When first enter a sudo ssh localhost we always get a note like:

The authenticity of host 'localhost (127.0.0.1)' can't be established. ECDSA key fingerprint is SHA256:u0q6ow7gfu4IvqfGOytZB6MKjO479AUr9hulSqO/dy4. Are you sure you want to continue connecting (yes/no/[fingerprint])?

And I want to skip this step.

I have try follow(with sshpass):

ssh-keygen -t rsa -P '' -f ~/.ssh/deploy_rsa<<<y
cat ~/.ssh/deploy_rsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
sudo ssh-keyscan localhost>>~/.ssh/known_hosts

Well it seems just works in ssh localhost, but not in sudo ssh localhost. So is there any reliable way to access my goal?

Heho
  • 21
  • 2
  • Does this answer your question? [How to ignore or Pass 'Yes' when The authenticity of host can't be established in Expect Shell script during Automation](https://stackoverflow.com/questions/28461713/how-to-ignore-or-pass-yes-when-the-authenticity-of-host-cant-be-established-i) – arcanemachine Feb 21 '22 at 22:03
  • Why are you using `sudo ssh localhost` (and `sudo ssh-keyscan`)? It doesn't accomplish anything better than `ssh root@localhost` and in this case worse. – dave_thompson_085 Feb 21 '22 at 22:12
  • For some reason, I have to run a python script in `sudo` and use ansible-playbook to localhost in it to finish some job...So I post my question here. – Heho Feb 22 '22 at 02:18

1 Answers1

2

ssh -o StrictHostKeyChecking=no localhost

Or for something more permanent, create or modify your ~/.ssh/config with this:

Host localhost
    StrictHostKeyChecking no

Also you should know that this process opens you up to MITM attacks (not on localhost obviously) and shouldn't be done on any important server.

Dharman
  • 30,962
  • 25
  • 85
  • 135
arcanemachine
  • 571
  • 4
  • 9