Monthly Archives: May 2007

Automate SSH known_hosts cleanup

If you like me, you have to do a lot of installs[1] of the same test machine with the same IP and have to ssh it you will notice this annoying message :

Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
Please contact your system administrator.
Add correct host key in /home/cboudjnah/.ssh/known_hosts
to get rid of this message.
Offending key in /home/cboudjnah/.ssh/known_hosts:595
Password authentication is disabled to avoid
 man-in-the-middle attacks.
Keyboard-interactive authentication is disabled to avoid
man-in-the-middle attacks.
Agent forwarding is disabled to avoid man-in-the-middle attacks.

I have automated the cleanup by a script :
[code lang="bash"]

[[ -z ${H} ]] && { echo "Need a host as argument"; exit 1 ;}
LINE=$(ssh -o StrictHostKeyChecking=yes $1 'exit' 2>&1 | sed -n '/Offending key/ { s/.*://;s/r//;p }')
[[ -z ${LINE} ]] && { echo "Nothing to clean"; exit; }
sed -i -n "$LINE!p" ~/.ssh/known_hosts[/code]
[1] Like having to tests bunch of FAI.

Mandriva Popular in Australia

I have conducting a lot of different interviews for a position available as Linux Sysadmin in my company. What surprised me is the number of people having Mandrake/Mandriva on there resume as there first and current Linux experience. Make me proud everytime to have worked in such company so well known everywhere i go.