On Sat, Nov 01, 2014 at 09:50:44PM +0000, Bhasker C V wrote: > Hi all > > I have a system in a cluster (experimental) and there are a lot of > debian machines which depend on this system and must be able to ssh into > this system > > I wanted password-less authentication and looked on the internet. > Almost all the examples and help shown involves setting up > ssh_known_hosts which I am trying to avoid (cumbersome in a large > network where we dont know who will need access). > > Anyone got this working just plain without adding known hosts ? I do not > want to add each and every host to ssh_known_host. Essentially I want to > have an open access to one of the servers via ssh.
It sounds like you want RFC4255 (SSHFP records) http://tools.ietf.org/html/rfc4255 As I understand it, the SSH server publishes its fingerprint in DNS records, which the client can query and verify, thus avoiding the "Would you like to save this fingerprint" prompt. > > I tried running sshd as root and adding > > auth sufficient pam_rootok.so > > to pam ssh and login > but that did not help. > > Thanks > > Bhasker C V > > > -- > To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org > Archive: https://lists.debian.org/545555b4.2050...@unixindia.com >
signature.asc
Description: Digital signature
