$ man ssh_config
[snip]
CheckHostIP
If this flag is set to ``yes'', ssh will additionally
check the host IP address in the known_hosts file.
This allows ssh to detect if a host key changed due to
DNS spoofing. If the option is set to ``no'', the
check will not be executed. The default is ``yes''.
On Fri, 23 Jan 2004, Robert P. Goldman wrote:
>
> Here's a question that has me a little bamboozled. I have a couple of
> machines behind NAT that I can ssh to through dynamic DNS. But every
> time I do, ssh whines about their host keys being bad. They don't
> match, of course, because the two machines have different RSA keys.
> But they have the same symbolic name --- the only difference is that
> I go in through different ports to get to the two different machines.
> Any way to make ssh shut the heck up about this? Better yet, is there
> any way to convince ssh that what's important is an IP name and port
> number PAIR, instead of just an IP name?
>
> Thanks!
> R
>
_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list