rsync through multiple ssh hops with password authentication
wayned at samba.org
Fri Oct 21 16:35:04 GMT 2005
On Fri, Oct 21, 2005 at 11:55:22AM -0400, Jay Fenlason wrote:
> If you have the keys for both hosts in your ~/.ssh/known_hosts file,
> ssh doesn't complain at all, even with host checking enabled.
It would complain if the "HostKeyAlias" config item wasn't used (and the
known_hosts file already had a conflicting entry for "localhost") which
was my point -- my statement was (at least intended as) a compliment to
Matt on noticing the proper ssh config items to make the tunnel work and
get the keys associated with the correct hostnames.
> The fun part is getting both entries into the file in the first place.
I haven't had a problem with that when using the StrictHostKeyChecking
option to ssh. Setting it to "ask" makes ssh ask me if it should add a
new key, and it then takes care of maintaining the entries in the
known_hosts file. You can either set this option in your ~/.ssh/config
file (and make sure you don't train your fingers to automatically answer
"yes" to an unexpected unknown-hostkey prompt), or you can specify the
option only when needed on the command-line for ssh (use "no" or "ask"):
ssh -o StrictHostKeyChecking=no host
More information about the rsync